
Better Security and Privacy for Web Browsers: A Survey of Techniques, and a New Implementation

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7140)

Abstract

The web browser is one of the most security-critical software components today. It is used to interact with a variety of important applications and services, including social networking services, e-mail services, and e-commerce and e-health applications. But the same browser is also used to visit less trustworthy sites, and it is unreasonable to make it the end-user’s responsibility to “browse safely”. So it is an important design goal for a browser to provide adequate privacy and security guarantees, and to make sure that potentially malicious content from one web site cannot compromise the browser, violate the user’s privacy, or interfere with other web sites that the user interacts with.

Hence, browser security has been a very active topic of research over the past decade, and many proposals have been made for new browser security techniques or architectures. In the first part of this paper, we provide a survey of some important problems and some proposed solutions. We start with a very broad view on browser security problems, and then zoom in on the issues related to the security of JavaScript scripts on the Web. We discuss three important classes of techniques: fine-grained script access control, capability-secure scripting and information flow security for scripts, focusing on techniques with a solid formal foundation.

In the second part of the paper, we describe a novel implementation of one information flow security technique. We discuss how we have implemented the technique of secure multi-execution in the Mozilla Firefox browser, and we report on some preliminary experiments with this implementation.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

De Groef, W., Devriese, D., Piessens, F. (2012). Better Security and Privacy for Web Browsers: A Survey of Techniques, and a New Implementation. In: Barthe, G., Datta, A., Etalle, S. (eds) Formal Aspects of Security and Trust. FAST 2011. Lecture Notes in Computer Science, vol 7140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29420-4_2


  • DOI: https://doi.org/10.1007/978-3-642-29420-4_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29419-8

  • Online ISBN: 978-3-642-29420-4

  • eBook Packages: Computer Science, Computer Science (R0)
