Browser security

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Browser security: lessons from Google Chrome

Full text

Digital Edition , Html

Html (31 KB), Pdf

Pdf (601 KB)

Source

Communications of the ACM archive
Volume 52 , Issue 8 (August 2009) table of contents
A Blind Person's Interaction with Technology

SECTION: Practice table of contents

Pages 45-49

Year of Publication: 2009

ISSN:0001-0782

Authors

Charles Reis	Google
Adam Barth	University of California, Berkeley
Carlos Pizano	Google

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 295, Downloads (12 Months): 1733, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1536616.1536634 What is a DOI?

ABSTRACT

To shield the browser from attacks, Google Chrome developers eyed three key problems.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Barth, A., Jackson, C., Reis, C., and Google Chrome team. The Security Architecture of the Chromium Browser (2008); http://crypto.stanford.edu/websec/chromium/chromium-security-architecture.pdf.
	2	Douceur, J.R., Elson, J., Howell, J., and Lorch, J.R. Leveraging legacy code to deploy desktop applications on the Web. In Proceedings of Operating Systems Design and Implementation (2008).
	3	Duebendorfer, T., Frei, S. Why silent updates boost security. ETH Tech Report TIK 302 (2009); http://www.techzoom.net/silent-updates.
	4	Franco, R. Clarifying low-rights IE. IEBlog (June 2005); http://blogs.msdn.com/ie/archive/2005/06/09/427410.aspx.
	5	Stefan Frei , Thomas Duebendorfer , Bernhard Plattner, Firefox (In) security update dynamics exposed, ACM SIGCOMM Computer Communication Review, v.39 n.1, January 2009 [doi>10.1145/1496091.1496094]
	6	Google. Omaha: Software installer and auto-updater for Windows. Google Code; http://code.google.com/p/omaha/.
	7	Chris Grier , Shuo Tang , Samuel T. King, Secure Web Browsing with the OP Web Browser, Proceedings of the 2008 IEEE Symposium on Security and Privacy, p.402-416, May 18-21, 2008 [doi>10.1109/SP.2008.19]
	8	Howard, M., Thomlinson, M. Windows Vista ISV Security (2007); http://msdn.microsoft.com/en-us/library/bb430720.aspx.
	9	Mayer, M. "This site may harm your computer" on every search result. The Official Google Blog (Jan. 2009); http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html.
	10	Niels Provos , Dean McNamee , Panayiotis Mavrommatis , Ke Wang , Nagendra Modadugu, The ghost in the browser analysis of web-based malware, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, p.4-4, April 10, 2007, Cambridge, MA
	11	Charles Reis , Steven D. Gribble, Isolating web programs in modern browser architectures, Proceedings of the 4th ACM European conference on Computer systems, April 01-03, 2009, Nuremberg, Germany [doi>10.1145/1519065.1519090]
	12	Sandbox. Chromium Developer Documentation (2008); http://dev.chromium.org/developers/design-documents/sandbox.
	13	Wang, H.J., Grier, C., Moshchuk, A., King, S.T., Choudhury, P., and Venter, H. The Multi-Principal OS Construction of the Gazelle Web Browser. Microsoft Research Technical Report (MSR-TR-2009-16) 2009; http://research.microsoft.com/pubs/79655/gazelle.pdf.
	14	Bennet Yee , David Sehr , Gregory Dardyk , J. Bradley Chen , Robert Muth , Tavis Ormandy , Shiki Okasaka , Neha Narula , Nicholas Fullagar, Native Client: A Sandbox for Portable, Untrusted x86 Native Code, Proceedings of the 2009 30th IEEE Symposium on Security and Privacy, p.79-93, May 17-20, 2009 [doi>10.1109/SP.2009.25]