The increasing frequency and malevolence of online security threats require that we consider new approaches to this problem. The existing literature focuses on the Web security problem from the server-side perspective. In contrast, we explore it from the client side, considering the major types of threats. After a short threat summary, we discuss related research and existing countermeasures. We then examine intuitive human-oriented trust models and posit a flexible, multilayer framework to facilitate automated client-side decision making. The proposed suggestions are not intrusive and do not require advanced technical knowledge from end users. Copyright © 2011 John Wiley & Sons, Ltd.

(Improving Web security for end users is technically possible by deploying known countermeasures to prevent execution of untrusted mobile code. Additionally, trust algebra provides a basis for defining a Web site avoidance policy based on crowd-sourced Web site ratings. The primary hurdle to improving Web security rests with standardized, real-world implementations of these concepts both in the Internet and in browser software.)