Browser Security

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Browser Security: Lessons from Google Chrome

Full text

Html (25 KB), Pdf

Pdf (209 KB)

Source

Queue archive
Volume 7 , Issue 5 (June 2009) table of contents
Distributed Computing

FEATURE: Features table of contents

Pages 3

Year of Publication: 2009

ISSN:1542-7730

Authors

Charles Reis	Google
Adam Barth	UC Berkeley
Carlos Pizano	Google

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 1406, Downloads (12 Months): 7026, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	10.1145/1538947.1556050

ABSTRACT

Google Chrome developers focused on three key problems to shield the browser from attacks.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Barth, A., Jackson, C., Reis, C., and Google Chrome Team. 2008. The Security Architecture of the Chromium Browser; http://crypto.stanford.edu/websec/chromium/chromium-security-architecture.pdf.
	2	Douceur, J.R., Elson, J., Howell, J., Lorch, J.R. 2008. Leveraging legacy code to deploy desktop applications on the Web. In Proceedings of Operating Systems Design and Implementation (OSDI).
	3	Duebendorfer, T., Frei, S. 2009. Why silent updates boost security. ETH Tech Report TIK 302; http://www.techzoom.net/silent-updates.
	4	Franco, R. 2005. Clarifying low-rights IE. IEBlog (June); http://blogs.msdn.com/ie/archive/2005/06/09/427410.aspx.
	5	Stefan Frei , Thomas Duebendorfer , Bernhard Plattner, Firefox (In) security update dynamics exposed, ACM SIGCOMM Computer Communication Review, v.39 n.1, January 2009 [doi>10.1145/1496091.1496094]
	6	Google. Omaha: Software installer and auto-updater for Windows. Google Code; http://code.google.com/p/omaha/.
	7	Chris Grier , Shuo Tang , Samuel T. King, Secure Web Browsing with the OP Web Browser, Proceedings of the 2008 IEEE Symposium on Security and Privacy, p.402-416, May 18-21, 2008 [doi>10.1109/SP.2008.19]
	8	Howard, M., Thomlinson, M. 2007. Windows Vista ISV Security; http://msdn.microsoft.com/ en-us/library/bb430720.aspx.
	9	Mayer, M. 2009. "This site may harm your computer" on every search result. The Official Google Blog (January); http://googleblog.blogspot.com/2009/01/this-site-may-harm-your-computer-on.html.
	10	Niels Provos , Dean McNamee , Panayiotis Mavrommatis , Ke Wang , Nagendra Modadugu, The ghost in the browser analysis of web-based malware, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, p.4-4, April 10, 2007, Cambridge, MA
	11	Charles Reis , Steven D. Gribble, Isolating web programs in modern browser architectures, Proceedings of the 4th ACM European conference on Computer systems, April 01-03, 2009, Nuremberg, Germany [doi>10.1145/1519065.1519090]
	12	Sandbox. Chromium Developer Documentation. 2008; http://dev.chromium.org/developers/design-documents/sandbox.
	13	Wang, H. J., Grier, C., Moshchuk, A.,King, S. T., Choudhury, P.,Venter, H. 2009. The Multi-Principal OS Construction of the Gazelle Web Browser. Microsoft Research Technical Report (MSR-TR-2009-16); http://research.microsoft.com/pubs/79655/gazelle.pdf.
	14	Yee, B., Sehr, D., Dardyk, G., Chen, J. B., Muth, R., Ormandy, T., Okasaka, S., Narul, N., Fullagar, N. 2009. Native Client: a sandbox for portable, untrusted x86 native code. In Proceedings of IEEE Symposium on Security and Privacy.