Sign In

Communications of the ACM

ACM TechNews

Stanford Computer Scientists Extend Web Browsers to Make the Internet Safer

View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
display showing code, illustration


Stanford University researchers have added a security system called Confinement with Origin Web Labels (COWL) to Firefox and Chrome to manage how data is shared, which prevents malicious computer code from leaking sensitive information while enabling Web applications to display content drawn from multiple sources.

The COWL system was developed in collaboration with researchers at University College London (UCL), Chalmers University of Technology, Mozilla Research, and Google. COWL adds a layer of security on top of existing safety mechanisms to ensure harmful code cannot leak private user data by addressing how data is handled by JavaScript. "COWL achieves both better privacy for the user and better flexibility for the Web developer," says UCL professor Brad Karp.

The Stanford researchers embedded mandatory access control into Firefox and Chrome, providing a way for Web developers to use the new security system in their JavaScript programs. The researchers learned how to make sure JavaScript code did not share data with sites it was not supposed to by requiring developers to give their data labels specifying which websites could read and use the data. The labels follow the data, even when it's shared, and COWL ensures that no code ignores the labels. The next step is to get COWL through the process of standardization, which is expected to take about a year.

From Stanford University
View Full Article


Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA


No entries found