You are in : Home » Results & submissions » Select UOA » 11 - Computer Science and Informatics » View submission: Imperial College London » Outputs » Detail

Output details

11 - Computer Science and Informatics

Imperial College London

Return to search Previous output Next output

Output 106 of 201 in the submission

Output title

Language-based defenses against untrusted browser origins

Type

E - Conference contribution

DOI

Name of conference/published proceedings

22nd Usenix Security Symposium

Volume number

Issue number

First page of article

653

ISSN of proceedings

Year of publication

2013

URL

https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_bhargavan.pdf

Number of additional authors

Additional information

<19>Acceptance: 16%/277

This paper presents new attacks and robust countermeasures for security-sensitive components, such as single sign-on APIs and client-side cryptographic libraries, that need to be safely deployed on untrusted web pages. This builds on work by the same authors at CSF'12, POST'13, and an invited submission (under review) to "Journal of Computer Security". As part of this work, we found dozens of previously unknown vulnerabilities (reported by co-authors, e.g. https://bugzilla.mozilla.org/show_bug.cgi?id=802557, https://www.facebook.com/BugBounty/posts/132102556947900) in Facebook, Firefox, Yahoo, and other popular applications. We contacted the affected companies advising on how to fix these problems.

Interdisciplinary

Cross-referral requested

Research group

E - Programming Languages and Systems

Citation count

Proposed double-weighted

Double-weighted statement

Reserve for a double-weighted output

Non-English

English abstract