Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Engineering
Escudo: A Fine-Grained Protection Model For Web Browsers, Karthick Jayaraman, Wenliang Du, Balamurugan Rajagopalan, Steve J. Chapin
Escudo: A Fine-Grained Protection Model For Web Browsers, Karthick Jayaraman, Wenliang Du, Balamurugan Rajagopalan, Steve J. Chapin
Electrical Engineering and Computer Science - All Scholarship
Web applications are no longer simple hyperlinked documents. They have progressively evolved to become highly complex---web pages combine content from several sources (with varying levels of trustworthiness), and incorporate significant portions of client-side code. However, the prevailing web protection model, the same-origin policy, has not adequately evolved to manage the security consequences of this additional complexity. As a result, web applications have become attractive targets of exploitation. We argue that this disconnection between the protection needs of modern web applications and the protection models used by web browsers that manage those applications amounts to a failure of access control. In …