|Pp. 127134 of the Proceedings|
Steven M. Bellovin
University of Pennsylvania
AT&T Labs Research
Over the last several years, popular applications such as Microsoft Internet Explorer and Netscape Navigator have become prime targets of attacks. These applications are targeted because their function is to process unauthenticated network data that often carry active content. The processing is done either by helper applications, or by the web browser itself. In both cases the software is often too complex to be bug free. To make matters worse, the underlying operating system can do very little to protect the users against such attacks since the software is running with the user's privileges.
We present the architecture of a secure browser, designed to handle attacks by incoming malicious objects. Our design is based on an operating system that offers process-specific protection mechanisms.
Keywords: Secure systems, web browser, process-specific protection.
This paper was originally published in the
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference,
June 25-30, 2001, Boston, Masssachusetts, USA
Last changed: 21 June 2001 bleu