Communications of the ACM
Stanford Computer Scientists Extend Web Browsers to Make the Internet Safer
Credit: iStockPhoto.com
Stanford University researchers have added a security system called Confinement with Origin Web Labels (COWL) to Firefox and Chrome to manage how data is shared, which prevents malicious computer code from leaking sensitive information while enabling Web applications to display content drawn from multiple sources.
The COWL system was developed in collaboration with researchers at University College London (UCL), Chalmers University of Technology, Mozilla Research, and Google. COWL adds a layer of security on top of existing safety mechanisms to ensure harmful code cannot leak private user data by addressing how data is handled by JavaScript. "COWL achieves both better privacy for the user and better flexibility for the Web developer," says UCL professor Brad Karp.
The Stanford researchers embedded mandatory access control into Firefox and Chrome, providing a way for Web developers to use the new security system in their JavaScript programs. The researchers learned how to make sure JavaScript code did not share data with sites it was not supposed to by requiring developers to give their data labels specifying which websites could read and use the data. The labels follow the data, even when it's shared, and COWL ensures that no code ignores the labels. The next step is to get COWL through the process of standardization, which is expected to take about a year.
From Stanford University
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found