2001 FREENIX Track Technical Program

2001 FREENIX Track Technical Program - Abstract

Building a Secure Web Browser

Sotiris Ioannidis, University of Pennsylvania, and Steven M. Bellovin, AT&T Labs-Research

Abstract

Over the last several years, popular applications such as Microsoft Internet Explorer and Netscape Navigator have become prime targets of attacks. These applications are targeted because their function is to process unauthenticated network data that often carry active content. The processing is done either by helper applications, or by the web browser itself. In both cases the software is often too complex to be bug free. To make matters worse, the underlying operating system can do very little to protect the users against such attacks since the software is running with the user's privileges.

We present the architecture of a secure browser, designed to handle attacks by incoming malicious objects. Our design is based on an operating system that offers process-specific protection mechanisms.

View the full text of this paper in HTML form, PDF form, and PostScript form.
If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
To become a USENIX Member, please see our Membership Information.

Need help? Use our Contacts page.

Last changed: 13 Feb 2002 ml

Technical Program

Conference index

USENIX home