Please use this identifier to cite or link to this item:
|Title:||Protecting sensitive web content from client-side vulnerabilities with CRYPTONS|
|Source:||Dong, X.,Chen, Z.,Siadati, H.,Tople, S.,Saxena, P.,Liang, Z. (2013). Protecting sensitive web content from client-side vulnerabilities with CRYPTONS. Proceedings of the ACM Conference on Computer and Communications Security : 1311-1324. ScholarBank@NUS Repository. https://doi.org/10.1145/2508859.2516743|
|Abstract:||Web browsers isolate web origins, but do not provide direct abstractions to isolate sensitive data and control computation over it within the same origin. As a result, guaranteeing security of sensitive web content requires trusting all code in the browser and client-side applications to be vulnerability-free. In this paper, we propose a new abstraction, called Crypton, which supports intra-origin control over sensitive data throughout its life cycle. To securely enforce the semantics of Cryptons, we develop a standalone component called Crypton-Kernel, which extensively leverages the functionality of existing web browsers without relying on their large TCB. Our evaluation demonstrates that the Crypton abstraction supported by the Crypton-Kernel is widely applicable to popular real-world applications with millions of users, including webmail, chat, blog applications, and Alexa Top 50 websites, with low performance overhead. © 2013 ACM.|
|Source Title:||Proceedings of the ACM Conference on Computer and Communications Security|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Feb 21, 2018
checked on Feb 17, 2018
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.