TY - GEN
T1 - A quantitative evaluation of privilege separation in web browser designs
AU - Dong, Xinshu
AU - Hu, Hong
AU - Saxena, Prateek
AU - Liang, Zhenkai
PY - 2013
Y1 - 2013
N2 - Privilege separation is a fundamental security concept that has been used in designing many secure systems. A number of recent works propose re-designing web browsers with greater privilege separation for better security. In practice, however, privilege-separated designs require a fine balance between security benefits and other competing concerns, such as performance. In fact, performance overhead has been a main cause that prevents many privilege separation proposals from being adopted in real systems. In this paper, we develop a new measurement-driven methodology that quantifies security benefits and performance costs for a given privilege-separated browser design. Our measurements on a large corpus of web sites provide key insights on the security and performance implications of partitioning dimensions proposed in 9 recent browser designs. Our results also provide empirical guidelines to resolve several design decisions being debated in recent browser re-design efforts.
AB - Privilege separation is a fundamental security concept that has been used in designing many secure systems. A number of recent works propose re-designing web browsers with greater privilege separation for better security. In practice, however, privilege-separated designs require a fine balance between security benefits and other competing concerns, such as performance. In fact, performance overhead has been a main cause that prevents many privilege separation proposals from being adopted in real systems. In this paper, we develop a new measurement-driven methodology that quantifies security benefits and performance costs for a given privilege-separated browser design. Our measurements on a large corpus of web sites provide key insights on the security and performance implications of partitioning dimensions proposed in 9 recent browser designs. Our results also provide empirical guidelines to resolve several design decisions being debated in recent browser re-design efforts.
UR - http://www.scopus.com/inward/record.url?scp=84884754647&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84884754647&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-40203-6_5
DO - 10.1007/978-3-642-40203-6_5
M3 - Conference contribution
AN - SCOPUS:84884754647
SN - 9783642402029
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 75
EP - 93
BT - Computer Security, ESORICS 2013 - 18th European Symposium on Research in Computer Security, Proceedings
T2 - 18th European Symposium on Research in Computer Security, ESORICS 2013
Y2 - 9 September 2013 through 13 September 2013
ER -