The browsers’ isolation mechanisms are critical to users’ safety and privacy on
the web. Achieving proper isolation, however, is very difficult at both the
policy-specification level and the implementation level. This paper is focused
on the implementations of browser isolation mechanisms. As a concrete example,
we discuss the enforcement of the well-defined cross-frame isolation policy,
which is supposed to prohibit a script from one Internet domain from accessing
objects in a frame of another domain. Historical data show that even for such a
seemingly simple policy, the current implementations of the enforcement
mechanisms are surprisingly error-prone, and have been exploited on most major
browser products. In this paper, we propose the script accenting technique as a
light-weight transparent defense against the cross-frame attacks. The basic idea
is to introduce domain-specific “accents” to the scripts and the object names so
that two frames cannot communicate/interfere if they have different accents. The
mechanism has been prototyped on Internet Explorer. Our evaluations showed that
all known cross-frame attacks were defeated, and the proposed mechanism is fully
transparent to existing web applications. The end-to-end measurement of
users’ browsing experience did not show any noticeable slowdown.
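
A toy model of the accenting idea described above, added here as an illustration and not taken from the paper or its Internet Explorer prototype. It assumes XOR with a per-domain key as the accent operation; the `Frame` class, the function names, the domains and the key values are all hypothetical.

```javascript
// Toy model of script accenting. XOR as the accent operation, the Frame class
// and every name and key here are assumptions made for illustration.

// Accent (or de-accent: XOR is its own inverse) a string with a domain key.
function accent(text, key) {
  let out = '';
  for (let i = 0; i < text.length; i++) {
    out += String.fromCharCode(text.charCodeAt(i) ^ key[i % key.length]);
  }
  return out;
}

class Frame {
  constructor(domain, key) {
    this.domain = domain;
    this.key = key;            // accent key shared by all frames of this domain
    this.objects = new Map();  // object names are stored in accented form
  }
  define(name, value) {
    this.objects.set(accent(name, this.key), value);
  }
}

// A script in `caller` names an object in `target`. The name carries the
// caller's accent; the target's table is keyed by the target's accent.
// No separate same-domain comparison is involved in this model.
function lookup(caller, target, name) {
  return target.objects.get(accent(name, caller.key));
}

// A script passed from `sender` to run in `receiver`: accented on the way
// out, de-accented with the receiver's key before it would be compiled.
function deliverScript(sender, receiver, source) {
  return accent(accent(source, sender.key), receiver.key);
}

// Constructed sample data: two frames of one domain, one frame of another.
const BANK_KEY = [0x5a, 0x13, 0xc7, 0x2e];
const EVIL_KEY = [0x91, 0x6f, 0x08, 0xb4];
const bankMain = new Frame('bank.example', BANK_KEY);
const bankHelp = new Frame('bank.example', BANK_KEY);
const evil = new Frame('evil.example', EVIL_KEY);
bankMain.define('sessionToken', 'constructed-token');

console.log(lookup(bankHelp, bankMain, 'sessionToken')); // same accent: resolves
console.log(lookup(evil, bankMain, 'sessionToken'));     // different accent: undefined
console.log(deliverScript(evil, bankMain, 'readToken()') === 'readToken()');
```

In this model a cross-domain name lookup misses and a cross-domain script arrives as text that no longer matches what was sent, while frames sharing a key interoperate unchanged.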