Date: Monday February 29, 2016
Time: 3:30pm
Room: Janssen Engineering, room 328
|
|
Web browsers have been so successful that they are a necessity of today's
economy. Part of this success is attributed to their flexibility, which is
afforded by Turing-complete execution and powerful and easy to use graphic
capabilities, both accessible through the network to trusted and untrusted
parties. These capabilities, if maliciously undermined, have the potential
for system or data compromise. A proven approach in preventing and
mitigating such compromise is to implement secure configurations tailored to
specific domains according to their levels of trust. Today, such an approach
is extremely difficult to implement due to the lack of high-level and
multi-platform browser security tools. In this article, we describe the
architecture of HiFiPol:Browser, a web browser based Hi-Fidelity security
Policy management system. This system provides: a) an easy-to-use and
high-level policy specification environment, b) semi-automatic instantiation
of policies into configurations, and c) automatic browser configuration
deployment. This will enable the design and implementation of domain-,
application-, device-, and user- tailored secure policies within a
technically diverse organization. We describe in detail all components of
the architecture, the tasks needed to implement it in a fully operational
system, and the current status on the progress of each task.
Date: Monday February 29, 2016 |