Please use this identifier to cite or link to this item:
|Title:||A quantitative evaluation of privilege separation in web browser designs|
|Citation:||Dong, X.,Hu, H.,Saxena, P.,Liang, Z. (2013). A quantitative evaluation of privilege separation in web browser designs. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 8134 LNCS : 75-93. ScholarBank@NUS Repository. https://doi.org/10.1007/978-3-642-40203-6_5|
|Abstract:||Privilege separation is a fundamental security concept that has been used in designing many secure systems. A number of recent works propose re-designing web browsers with greater privilege separation for better security. In practice, however, privilege-separated designs require a fine balance between security benefits and other competing concerns, such as performance. In fact, performance overhead has been a main cause that prevents many privilege separation proposals from being adopted in real systems. In this paper, we develop a new measurement-driven methodology that quantifies security benefits and performance costs for a given privilege-separated browser design. Our measurements on a large corpus of web sites provide key insights on the security and performance implications of partitioning dimensions proposed in 9 recent browser designs. Our results also provide empirical guidelines to resolve several design decisions being debated in recent browser re-design efforts. © 2013 Springer-Verlag.|
|Source Title:||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Oct 15, 2018
checked on Oct 5, 2018
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.