A layered naming architecture for the internet
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
A data-oriented (and beyond) network architecture
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
The strengths of weaker identities: opportunistic personas
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Detecting in-flight page changes with web tripwires
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
On grappling with meta-information in the internet
ACM SIGCOMM Computer Communication Review
Hi-index | 0.00 |
Security in the WWW architecture is based on authenticating the source server and securing the data during transport without considering the content itself. The traditional assumption is that a page is as secure as the server hosting it. However, modern web sites have often a composite structure where components of the web page are authored by different actors and one logical page contains components collected from disparate servers. Applying a single security policy to a whole page is inadequate. We introduce a new model to protect users from web-based malware. We have developed a new model that uses opportunistic personas to better secure web content by adding integrity and accountability to individual elements. In this paper we present the overall design of the mechanism, as well as details derived from a prototype of the system.