Please use this identifier to cite or link to this item:
https://doi.org/10.1145/2508859.2516743
| DC Field | Value | |
|---|---|---|
| dc.title | Protecting sensitive web content from client-side vulnerabilities with CRYPTONS | |
| dc.contributor.author | Dong, X. | |
| dc.contributor.author | Chen, Z. | |
| dc.contributor.author | Siadati, H. | |
| dc.contributor.author | Tople, S. | |
| dc.contributor.author | Saxena, P. | |
| dc.contributor.author | Liang, Z. | |
| dc.date.accessioned | 2014-07-04T03:14:46Z | |
| dc.date.available | 2014-07-04T03:14:46Z | |
| dc.date.issued | 2013 | |
| dc.identifier.citation | Dong, X., Chen, Z., Siadati, H., Tople, S., Saxena, P., Liang, Z. (2013). Protecting sensitive web content from client-side vulnerabilities with CRYPTONS. Proceedings of the ACM Conference on Computer and Communications Security : 1311-1324. ScholarBank@NUS Repository. https://doi.org/10.1145/2508859.2516743 | |
| dc.identifier.isbn | 9781450324779 | |
| dc.identifier.issn | 15437221 | |
| dc.identifier.uri | http://scholarbank.nus.edu.sg/handle/10635/78303 | |
| dc.description.abstract | Web browsers isolate web origins, but do not provide direct abstractions to isolate sensitive data and control computation over it within the same origin. As a result, guaranteeing security of sensitive web content requires trusting all code in the browser and client-side applications to be vulnerability-free. In this paper, we propose a new abstraction, called Crypton, which supports intra-origin control over sensitive data throughout its life cycle. To securely enforce the semantics of Cryptons, we develop a standalone component called Crypton-Kernel, which extensively leverages the functionality of existing web browsers without relying on their large TCB. Our evaluation demonstrates that the Crypton abstraction supported by the Crypton-Kernel is widely applicable to popular real-world applications with millions of users, including webmail, chat, blog applications, and Alexa Top 50 websites, with low performance overhead. © 2013 ACM. | |
| dc.description.uri | http://libproxy1.nus.edu.sg/login?url=http://dx.doi.org/10.1145/2508859.2516743 | |
| dc.source | Scopus | |
| dc.subject | browser security | |
| dc.subject | data protection | |
| dc.subject | web security | |
| dc.type | Conference Paper | |
| dc.contributor.department | COMPUTER SCIENCE | |
| dc.description.doi | 10.1145/2508859.2516743 | |
| dc.description.sourcetitle | Proceedings of the ACM Conference on Computer and Communications Security | |
| dc.description.page | 1311-1324 | |
| dc.identifier.isiut | NOT_IN_WOS | |
| Appears in Collections: | Staff Publications | |
Show simple item record
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.