For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
Research on Application Technology of Body Area Network and the Internet of Things Connection
p.4657
A SVM Reliability Evaluation Framework for the Component-Based Web System
p.4660
The Design and Realization of Virtual Editing Environment for News Release
p.4665
Reliable Node Based Multipath QoS Routing Protocol on Opportunistic Networks
p.4669
Privilege Separation in Browser Extensions Based on Web Workers
p.4675
Bayesian Inference of Information Theoretic Metrics of Anonymity
p.4680
Software Safety Analysis Based on Multiple State Transition
p.4684
Security Framework Based on SDN
p.4690
Research of Application of 3D Pipeline in Mobile E-Commerce
p.4694

Privilege Separation in Browser Extensions Based on Web Workers

Article Preview

Abstract:

In this paper, we propose to use Web Workers [1], isolated parallel threads in current browser working in the background, to enforce privilege separation in chrome extensions. Our tests show that our design is applicable to most chrome extensions (those not using the jquery library) and achieves a reduction in TCB up to 77 percent for our examples. Our implementation shows that our design is efficient enough to enforce privilege separation in chrome extensions and not needs to modify the browser or learn new high-level languages.

You might also be interested in these eBooks
Materials Science, Computer and Information Technology View Preview

Info:

Periodical:

Advanced Materials Research (Volumes 989-994)

Pages:

4675-4679

DOI:

https://doi.org/10.4028/www.scientific.net/AMR.989-994.4675

Citation:

Cite this paper

Online since:

July 2014

Authors:

Chun Mei Yu*, Jian Hua Sun, Hao Chen, Xiang Hua Xu

Keywords:

Privilege Separation, Web Workers

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2014 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

* - Corresponding Author

References

[1] HTML5 living standard. http: /www. whatwg. org/specs/web-apps/current-work/multipage.

Google Scholar

[2] Google Inc., Google chrome webstore., https: /chrome. google. com/webstore.

Google Scholar

[3] A. Krishnamurthy, A. Mettler, and D. Wagner. Fine-Grained Privilege Separation for Web Applications. In Proceedings of the International Conference on World Wide Web, pages 551–560, (2010).

DOI: 10.1145/1772690.1772747

Google Scholar

[4] A. Barth, C. Jackson, C. Reis, and T. G. C. Team, The security architecture of the chromium browser, (2008).

Google Scholar

[5] Privilege Separation in HTML5 Applications, Devdatta Akhawe, Dawn Song, Prateek Saxena, (2012).

Google Scholar

[6] TreeHouse: JavaScript sandboxes to help Web developers help themselves, Lon Ingram, Michael Walfish, (2012).

Google Scholar

[7] N. Carlini, A. P. Felt, and D. Wagner, An evaluation of the google chrome extension security architecture, in Proceedings of the 21st USENIX Conference on Security, (2012).

Google Scholar

[8] http: /en. wikipedia. org/wiki/Trusted_computing_base.

Google Scholar

[9] https: /github. com/tmpvar/jsdom.

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.