Author(s): Lujo Bauer, Shaoying Cai, Limin Jia, Timothy Passaro, Michael Stroucken, Yuan Tian

Download: Paper (PDF)

Date: 7 Feb 2015

Document Type: Briefing Papers

Additional Documents: Slides

Associated Event: NDSS Symposium 2015


Web browsers are a key enabler of a wide range of online services, from shopping and email, to banking and health services. Because these services frequently involve handling sensitive data, a wide range of web browser security policies and mechanisms has been implemented or proposed to mitigate the dangers posed by malicious code and sites. This paper describes the development of a framework for specifying and enforcing flexible information-flow policies on the Chromium web browser. Complementing efforts that focus on information-flow enforcement on JavaScript, the framework described in this paper focuses on an existing browser and encompasses a broad range of browser features, from pages and scripts to DOM elements, events, persistent state, and extensions. In this framework, entities in the browser are annotated with information-flow labels that specify policy. Our framework is formally modeled and developed in parallel with a running prototype on top of the Chromium web browser. We demonstrate how the framework can be used to represent many existing browser policies. Experiments with our prototype confirm that the framework can enforce practically useful policies beyond those enforceable in standard web browsers, and a formal proof of noninterference validates the framework’s design.