About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
APSEC 2007
Conference paper
Secure behavior of Web browsers to prevent information leakages
Abstract
Recently Web browsers are widely used as client-side application platforms beyond the traditional use of Web browsers. One of main reasons for such evolution of the browsers is the client-side JavaScript language that can execute programs embedded in a document. However, Web applications with client-side JavaScript programs have problems of leaking private information (such as cookie information) due to interactions between the browser and scripts embedded in the document. We propose a new calculus representing browser behavior that prevents information from leakage by means of language-based information flow. The proposed calculus can deal with script rewriting and higher-order functions. In addition, our calculus has a noninterference property depending on a security policy statically given by the user. © 2007 IEEE.