Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Information-Flow-Based Access Control for Web Browsers
Ist Teil von
IEICE Transactions on Information and Systems, 2009/05/01, Vol.E92.D(5), pp.836-850
Ort / Verlag
The Institute of Electronics, Information and Communication Engineers
Erscheinungsjahr
2009
Link zum Volltext
Quelle
EZB Electronic Journals Library
Beschreibungen/Notizen
The emergence of Web 2.0 technologies such as Ajax and Mashup has revealed the weakness of the same-origin policy[1], the current de facto standard for the Web browser security model. We propose a new browser security model to allow fine-grained access control in the client-side Web applications for secure mashup and user-generated contents. We propose a browser security model that is based on information-flow-based access control (IBAC) to overcome the dynamic nature of the client-side Web applications and to accurately determine the privilege of scripts in the event-driven programming model.