Abstract:
Web browsers routinely handle private information. Owing to a lax security model, browsers and JavaScript in particular, are easy targets for leaking sensitive data. Prio...Show MoreMetadata
Abstract:
Web browsers routinely handle private information. Owing to a lax security model, browsers and JavaScript in particular, are easy targets for leaking sensitive data. Prior work has extensively studied information flow control (IFC) as a mechanism for securing browsers. However, two central aspects of web browsers - the Document Object Model (DOM) and the event handling mechanism - have so far evaded thorough scrutiny in the context of IFC. This paper advances the state-of-the-art in this regard. Based on standard specifications and the code of an actual browser engine, we build formal models of both the DOM (up to Level 3) and the event handling loop of a typical browser, enhance the models with fine-grained taints and checks for IFC, prove our enhancements sound and test our ideas through an instrumentation of WebKit, an in-production browser engine. In doing so, we observe several channels for information leak that arise due to subtleties of the event loop and its interaction with the DOM.
Published in: 2015 IEEE 28th Computer Security Foundations Symposium
Date of Conference: 13-17 July 2015
Date Added to IEEE Xplore: 07 September 2015
ISBN Information: