Information-Flow-Based Access Control for Web Browsers
スポンサーリンク
概要
- 論文の詳細を見る
The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.
- (社)電子情報通信学会の論文
- 2009-05-01
著者
-
Matsumoto Tsutomu
Yokohama National Univ. Yokohama‐shi Jpn
-
Matsumoto Tsutomu
Graduate School Of Engineering Yokohama National University:graduate School Of Environment And Infor
-
Yoshihama Sachiko
Ibm Tokyo Res. Lab. Yamato‐shi Jpn
-
Yoshihama Sachiko
Ibm Tokyo Research Laboratory
-
TATEISHI Takaaki
IBM Tokyo Research Laboratory
-
TABUCHI Naoshi
IBM Tokyo Research Laboratory
関連論文
- E2-A New 128-Bit Block Cipher(Special Section on Cryptography and Information Security)
- Digitally Signed Document Sanitizing Scheme with Disclosure Condition Control(Application)(Cryptography and Information Security)
- On the security of Feistel Ciphers with SPN Round Function against Differential, Linear, and Truncated Differential Cryptanalysis(Special Section on Cryptography and Information Security)
- Multi-Pass Malware Sandbox Analysis with Controlled Internet Connection
- Unconditionally Secure Group Signatures
- Integrity Management Infrastructure for Trusted Computing
- FOREWORD (Special Section on Cryptography and Information Security)
- Interaction Key Generation Schemes (Protocol) (Cryptography and Information Security)
- Unconditionally Secure Authenticated Encryption(Discrete Mathematics and Its Applications)
- Your Sandbox is Blinded: Impact of Decoy Injection to Public Malware Analysis Systems
- A Distributed User Revocation Scheme for Ad-Hoc Networks(Advances in Ad Hoc Mobile Communications and Networking)
- How to Maximize the Potential of FPGA-Based DSPs for Modular Exponentiation
- A Design Methodology for a DPA-Resistant Circuit with RSL Techniques
- How to Decide Selection Functions for Power Analysis : From the Viewpoint of Hardware Architecture of Block Ciphers
- Collusion Secure Codes : Systematic Security Definitions and Their Relations(Discrete Mathematics and Its Applications)
- Clone Match Rate Evaluation for an Artifact-metric System (特集:新たな脅威に立ち向かうコンピュータセキュリティ技術)
- Detection-Resistant Steganography for Standard MIDI Files (Information Security)
- An Evaluation Method of Time Stamping Schemes from Viewpoints of Integrity, Cost and Availability(Special Section on Cryptography and Information Security)
- An Artifact-metric System Which Utilizes Inherent Texture (特集 21世紀のコンピュータセキュリティ技術)
- Random-Error-Resilient Tracing Algorithm for a Collusion-Secure Fingerprinting Code (特集 電子社会に向けたコンピュータセキュリティ技術)
- A Flexible Tree-Based Key Management Framework(Special Section on Cryptography and Information Security)
- Information-Flow-Based Access Control for Web Browsers
- Multiparty DSA Signature Generation without Simultaneous User Operations(Application Information Security)
- Effectiveness of Outline Measures of Strength against Differential and Linear Cryptanalysis (Special Section on Cryptography and Information Security)
- Random-Error Resilience of a Short Collusion-Secure Code
- An Evaluation Method for a Magnetic Artifact-metric System (特集 電子社会に向けたコンピュータセキュリティ技術)
- A Scheme of Secret Communication Using Internet Control Message Protocol(Special Section on Cryptography and Information Security)
- On Applicability of Differential Cryptanalysis, Linear Cryptanalysis and Mod n Cryptanalysis to an Encryption Algorithm M8(ISO9979-20) (特集 21世紀のコンピュータセキュリティ技術)
- A proper security analysis method for CMOS cryptographic circuits
- Malware Sandbox Analysis with Efficient Observation of Herder's Behavior
- Malware Sandbox Analysis with Efficient Observation of Herder's Behavior
- Catching the Behavioral Differences between Multiple Executions for Malware Detection
- FOREWORD
- Finding Malicious Authoritative DNS Servers
- Catching the Behavioral Differences between Multiple Executions for Malware Detection