12,318 Hits in 3.9 sec

A Self-correcting Information Flow Control Model for the Web-Browser [chapter]

Deepak Subramanian, Guillaume Hiet, Christophe Bidan
2016 Lecture Notes in Computer Science  
The potency of information flow control (IFC) in the context of JavaScript is quite appealing. In this paper, we propose a novel approach to help track and learn from information flows.  ...  Web-browser security with emphasis on JavaScript security, is one of the important problems of the modern world.  ...  In this next part of the paper, we describe a learning-based approach to information flow control on a web-browser.  ... 
doi:10.1007/978-3-319-51966-1_19 fatcat:i6rihruuczhutcl7eeqy2xs2xu

Semantic grid

Hai Zhuge
2005 Communications of the ACM  
It should absorb the advantages of the Grid, Semantic Web, and Web services, and go beyond their scopes by adopting a new computing model, communication platform, and normal resource organization model  ...  The process definition and verification concerns behavior semantics, work-flow, and knowledge flow [6] . Security control guarantees the safety of the Semantic Grid operation.  ... 
doi:10.1145/1053291.1053325 fatcat:bnlejne6jneu5cvu65bx3eeopm

Design and Implementation of Secure Browser for Computer-Based Tests

Onyemaobi Bethram Chibuzo, Dauda Olorunkemi Isiaka
2020 International Journal of Innovative Science and Research Technology  
- This work is concerned with the development of a browser for computer based examination platforms.  ...  It focused on trends and mostly used browsers for online computer based examination and carried out a critical review of the browsers used for current computer based test system employed in Nigeria Universities  ...  Fig 2 : 2 -Diagram for Extreme Programming methodology Fig Fig 3:-Activity diagram for the Browser application model Fig 4 : 4 -Data-Flow-Diagram (DFD) of the Browser application model  Use case diagrams  ... 
doi:10.38124/ijisrt20aug526 fatcat:giofcvlkincqtay6gerfu7iw5u

Browser Model for Security Analysis of Browser-Based Protocols [chapter]

Thomas Groß, Birgit Pfitzmann, Ahmad-Reza Sadeghi
2005 Lecture Notes in Computer Science  
We formally model web browsers, secure browser channels, and the security-relevant browsing behavior of a user as automata.  ...  Currently, many industrial initiatives focus on web applications. In this context an important requirement is often that the user should only rely on a standard web browser.  ...  We present a rigorous and abstract model for a standard web browser as a principal for browser-based protocols.  ... 
doi:10.1007/11555827_28 fatcat:rtblqwpgifcsbn3bw6fkqgyyoq

Dual Security Testing Model for Web Applications

Singh Garima, Kaushik Manju
2016 International Journal of Advanced Computer Science and Applications  
Models have been developed for testing web applications but only a few focused on content testing, a few on navigation testing and a very few on security testing of web applications.  ...  The objective of this paper is to propose Dual Security Testing Model to test the security of web applications using UML modeling technique which includes web socket interface.  ...  ACKNOWLEDGMENT This research is supported by the JECRC University, Jaipur, Rajasthan, India.  ... 
doi:10.14569/ijacsa.2016.070225 fatcat:lpq66klkmfdvtiqkeerqumnrb4

Survey on JavaScript security policies and their enforcement mechanisms in a web browser

Nataliia Bielova
2013 The Journal of Logic and Algebraic Programming  
Among all the works on web browser security, we survey dynamic techniques based on runtime monitoring as well as secure information flow techniques.  ...  We observe a rapid growth of web-based applications every day. These applications are executed in the web browser, where they interact with a variety of information belonging to the user.  ...  We would also like to thank the anonymous referees for comments that have helped improve the paper.  ... 
doi:10.1016/j.jlap.2013.05.001 fatcat:5pntdqk5fnasnpmjvfgsgkk5za

Hybrid Information Flow Monitoring against Web Tracking

Frederic Besson, Nataliia Bielova, Thomas Jensen
2013 2013 IEEE 26th Computer Security Foundations Symposium  
Motivated by the problem of stateless web tracking (fingerprinting), we propose a novel approach to hybrid information flow monitoring by tracking the knowledge about secret variables using logical formulae  ...  Several other hybrid monitors including those based on well-known hybrid techniques for information flow control are formalised as instances of our generic hybrid monitor.  ...  Acknowledgements: The authors are grateful to Boris Köpf, Alan Schmitt and the anonymous reviewers for valuable comments on earlier versions of this paper.  ... 
doi:10.1109/csf.2013.23 dblp:conf/csfw/BessonBJ13 fatcat:h33rodslvvasndx55bwrygx7tu

Web Application Security

Kavita Yadav, Babita Kumari, Mohini Yadav
2014 International Journal of Applied Research on Information Technology and Computing  
Even so, Web applications are currently subject to a plethora of successful attacks, such as cross-site scripting, cookie theft, session riding, browser hijacking, and the recent self-propagating worms  ...  Simply, Web Application Security is -The securing of web applications‖. Web applications are one of the most prevalent platforms for information and services delivery over Internet today.  ...  flow into web responses without correct validation.  ... 
doi:10.5958/0975-8089.2014.00005.0 fatcat:7uhb4jj7lfhlbcmnfk76sznwka

Information flow tracking meets just-in-time compilation

Christoph Kerschbaumer, Eric Hennigan, Per Larsen, Stefan Brunthaler, Michael Franz
2013 ACM Transactions on Architecture and Code Optimization (TACO)  
Few users will switch to a safer browser if it comes at the cost of significantly degrading web application performance.  ...  Information flow tracking in web browsers can prevent communication of sensitive data to unintended recipients and thereby stop such data thefts.  ...  ACKNOWLEDGMENTS Thanks to Andrei Homescu for his insightful comments and help to optimize the generated x86 assembly.  ... 
doi:10.1145/2541228.2555295 fatcat:ap46zibsvbd7pj2rz72haqduzi

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring [article]

Stefano Calzavara, Clara Schneidewind Università Ca' Foscari Venezia
2018 arXiv   pre-print
We present WPSE, a browser-side security monitor for web protocols designed to ensure compliance with the intended protocol flow, as well as confidentiality and integrity properties of messages.  ...  We formally prove that WPSE is expressive enough to protect web applications from a wide range of protocol implementation bugs and web attacks.  ...  The paper also acknowledges support from the MIUR project ADAPT and by CINI Cybersecurity National Laboratory within the project FilieraSicura: Securing the Supply Chain of Domestic Critical Infrastructures  ... 
arXiv:1806.09111v1 fatcat:unpo672n3vfgvebvljzm4wtzlq

Lexicon Sextant: Modeling a Mnemonic System for Customizable Browser Information Organization and Management

2016 Eurasia Journal of Mathematics, Science and Technology Education  
This paper presents an ongoing study of the development of a customizable web browser information organization and management system, which the author has named Lexicon Sextant (LS).  ...  LS is a user friendly, graphical web based add-on to the latest generation of web browsers, such as Google Chrome, making it easier and more intuitive to store and retrieve favorites (bookmarks) since  ...  and self-chosen correction rate.  ... 
doi:10.12973/eurasia.2016.1501a fatcat:ferf2p4mrrhafkewzbfzl7ilym


Vasileios Triglianos, Cesare Pautasso
2013 Proceedings of the 22nd International Conference on World Wide Web - WWW '13 Companion  
ASQ is a Web application for creating and delivering interactive HTML5 presentations.  ...  More specifically, in the context of a hybrid MOOC classroom, a teacher can use ASQ to get feedback in real time about the level of comprehension of the presented material while reducing the time for gathering  ...  Acknowledgements: We are grateful to Jacques Dafflon, Margarita Grinvald, Max von Bülow and Georgios Kokosioulis for their hard work in creating the ASQ prototype.  ... 
doi:10.1145/2487788.2487894 dblp:conf/www/TriglianosP13 fatcat:asgjp3oenjbvrlxu7mhgg3o4ku

Investigating Users' Perspectives of Web Single Sign-On: Conceptual Gaps and Acceptance Model

San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, Konstantin Beznosov
2013 Zenodo  
Informed by our findings, we offer a web SSO technology acceptance model, and suggest design improvements.  ...  However, the average user's perception of web SSO is still poorly understood.  ...  Acknowledgements We thank study participants for their time, and members of the Laboratory for Education and Research in Secure Systems Engineering (LERSSE), who provided valuable feedback on the earlier  ... 
doi:10.5281/zenodo.3264654 fatcat:pfn3dkjglzdx5l3zmcqqug57oy

China's e-science knowledge grid environment

Hai Zhuge
2004 IEEE Intelligent Systems  
Acknowledgments China's National Grand Fundamental Research 973 Program and National Science Foundation supported research for this article.  ...  The mechanism features a 3D semanticspace browser and a knowledge flow model for realizing effective knowledge sharing in virtual organizations. 4 • Establishing a theory for normally organizing semantic  ...  An intelligent operable resource browser supports common scientific activities such as document retrieval. • A process control mechanism monitors and controls the predefined cooperation processes. • A  ... 
doi:10.1109/mis.2004.1265879 fatcat:dffttads5nbllotf57o6vfej2y

JavaScript instrumentation for browser security

Dachuan Yu, Ajay Chander, Nayeem Islam, Igor Serikov
2007 SIGPLAN notices  
Untrusted JavaScript code goes through a rewriting process which identifies relevant operations, modifies questionable behaviors, and prompts the user (a web page viewer) for decisions on how to proceed  ...  , yielding a form of self-modifying code.  ...  Acknowledgments We wish to thank Zhong Shao and the anonymous referees for their helpful comments.  ... 
doi:10.1145/1190215.1190252 fatcat:o43uvmhtufd5dgxnjwrjpomgzq
« Previous Showing results 1 — 15 out of 12,318 results