Client-side attacks against web sessions are a real concern for many applications. Realizing protection mechanisms on the client side, e.g. as browser extensions, has become a popular approach for securing the Web. In this paper we report on our experience in the implementation of SessInt, an extension for Google Chrome that protects users against a variety of client-side attacks, and we discuss some limitations of the browser APIs that negatively impacted on the design process.
|Data di pubblicazione:||2015|
|Titolo:||Development of security extensions based on Chrome APIs|
|Titolo del libro:||8th International Workshop on Analysis of Security APIs (ASA-8)|
|Appare nelle tipologie:||4.2 Abstract in Atti di convegno|