A self-correcting information flow control model for the web-browser

Deepak Subramanian 1 Guillaume Hiet 1 Christophe Bidan 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Web-browser security with emphasis on JavaScript security, is one of the important problems of the modern world. The potency of information flow control (IFC) in the context of JavaScript is quite appealing. In this paper, we propose a novel approach to help track and learn from information flows. This learnt data can subsequently be used to create a more adaptive and effective IFC model. As the information about a function augments, potential leaks are also thwarted.
Document type :
Conference papers
Complete list of metadatas

Cited literature [12 references]  Display  Hide  Download

https://hal.inria.fr/hal-01398192
Contributor : Guillaume Hiet <>
Submitted on : Monday, May 14, 2018 - 6:05:05 PM
Last modification on : Friday, September 13, 2019 - 9:51:33 AM
Long-term archiving on : Monday, September 24, 2018 - 9:08:34 PM

File

MainFile.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01398192, version 1

Citation

Deepak Subramanian, Guillaume Hiet, Christophe Bidan. A self-correcting information flow control model for the web-browser. FPS 2016 - The 9th International Symposium on Foundations & Practice of Security, Oct 2016, Québec City, Canada. pp.285-301. ⟨hal-01398192⟩

Share

Metrics

Record views

2215

Files downloads

199