Mark Allman / ICSI @mallman_icsi

Joakim Koskela, Nicholas Weaver, Andrei Gurtov, Mark Allman. Securing Web Content. ACM CoNext Workshop on ReArchitecting the Internet (ReArch), December 2009.


Security in the WWW architecture is based on authenticating the source server and securing the data during transport without considering the content itself. The traditional assumption is that a page is as secure as the server hosting it. However, modern web sites have often a composite structure where components of the web page are authored by different actors and one logical page contains components collected from disparate servers. Applying a single security policy to a whole page is inadequate. We introduce a new model to protect users from web-based malware. We have developed a new model that uses opportunistic personas to better secure web content by adding integrity and accountability to individual elements. In this paper we present the overall design of the mechanism, as well as details derived from a prototype of the system.


    author    =        "Joakim Koskela and Nicholas Weaver and Andrei Gurtov and Mark Allman",
    title     =        "{Securing Web Content}",
    booktitle =        "ACM CoNext Workshop on ReArchitecting the Internet",
    year      =        2009,
    month     =        dec,
"We are what we repeatedly do. Excellence, then, is not an act, but a habit." --Aristotle