TY - GEN
T1 - A Policy based approach for the management of Web browser resources to prevent anonymity attacks in Tor
AU - Navarro-Arribas, Guillermo
AU - Garcia-Alfaro, Joaquin
PY - 2009/12/1
Y1 - 2009/12/1
N2 - Web browsers are becoming the universal interface to reach applications and services related with these systems. Different browsing contexts may be required in order to reach them, e.g., use of VPN tunnels, corporate proxies, anonymisers, etc. By browsing context we mean how the user browsers the Web, including mainly the concrete configuration of its browser. When the context of the browser changes, its security requirements also change. In this work, we present the use of authorisation policies to automatise the process of controlling the resources of a Web browser when its context changes. The objective of our proposal is oriented towards easing the adaptation to the security requirements of the new context and enforce them in the browser without the need for user intervention. We present a concrete application of our work as a plug-in for the adaption of security requirements in Mozilla/Firefox browser when a context of anonymous navigation through the Tor network is enabled.
AB - Web browsers are becoming the universal interface to reach applications and services related with these systems. Different browsing contexts may be required in order to reach them, e.g., use of VPN tunnels, corporate proxies, anonymisers, etc. By browsing context we mean how the user browsers the Web, including mainly the concrete configuration of its browser. When the context of the browser changes, its security requirements also change. In this work, we present the use of authorisation policies to automatise the process of controlling the resources of a Web browser when its context changes. The objective of our proposal is oriented towards easing the adaptation to the security requirements of the new context and enforce them in the browser without the need for user intervention. We present a concrete application of our work as a plug-in for the adaption of security requirements in Mozilla/Firefox browser when a context of anonymous navigation through the Tor network is enabled.
U2 - 10.1007/978-3-642-01244-0_15
DO - 10.1007/978-3-642-01244-0_15
M3 - Conference contribution
AN - SCOPUS:77950831081
SN - 3642012434
SN - 9783642012433
SN - 9783642012433
T3 - IFIP Advances in Information and Communication Technology
SP - 164
EP - 175
BT - Emerging Challenges for Security, Privacy and Trust - 24th IFIP TC 11 International Information Security Conference, SEC 2009, Proceedings
T2 - 24th IFIP TC11 International Information Security Conference, SEC 2009
Y2 - 18 May 2009 through 20 May 2009
ER -