A self-correcting information flow control model for the web-browser

Deepak Subramanian 1 Guillaume Hiet 1 Christophe Bidan 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA_D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Web-browser security with emphasis on JavaScript security, is one of the important problems of the modern world. The potency of information flow control (IFC) in the context of JavaScript is quite appealing. In this paper, we propose a novel approach to help track and learn from information flows. This learnt data can subsequently be used to create a more adaptive and effective IFC model. As the information about a function augments, potential leaks are also thwarted.
Document type :
Conference papers
Liste complète des métadonnées

Cited literature [12 references]  Display  Hide  Download

https://hal.inria.fr/hal-01398192
Contributor : Guillaume Hiet <>
Submitted on : Monday, May 14, 2018 - 6:05:05 PM
Last modification on : Thursday, November 15, 2018 - 11:58:57 AM
Document(s) archivé(s) le : Monday, September 24, 2018 - 9:08:34 PM

File

MainFile.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01398192, version 1

Citation

Deepak Subramanian, Guillaume Hiet, Christophe Bidan. A self-correcting information flow control model for the web-browser. FPS 2016 - The 9th International Symposium on Foundations & Practice of Security, Oct 2016, Québec City, Canada. pp.285-301. ⟨hal-01398192⟩

Share

Metrics

Record views

1961

Files downloads

39