privacy preserving browser side scripting bflow
play

Privacy-Preserving Browser-Side Scripting BFlow Janusz Kudeka - PowerPoint PPT Presentation

Oct 13, 2023 •300 likes •1.66k views

Introduction Background Design Implementation Evaluation Summary Privacy-Preserving Browser-Side Scripting BFlow Janusz Kudeka December 21, 2011 Janusz Kudeka Privacy-Preserving Browser-Side Scripting BFlow Introduction Background

  1. Introduction Background Design Implementation Evaluation Summary Same-origin policy Origin is a triple: <domain name, protocol, port> SOP is to guard the web sites JavaScript from interference by other sites JavaScript. SOP still allows communication by requests or intra-browser channels. In result scripts that have access to confidential data, can leak that data. Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  2. Introduction Background Design Implementation Evaluation Summary Same-origin policy Origin is a triple: <domain name, protocol, port> SOP is to guard the web sites JavaScript from interference by other sites JavaScript. SOP still allows communication by requests or intra-browser channels. In result scripts that have access to confidential data, can leak that data. Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  3. Introduction Background Design Implementation Evaluation Summary Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  4. Introduction Background Design Implementation Evaluation Summary Basic challanges BFlow requires stronger policy than the SOP . BFlow has to accomplish this without encumbering deployment. Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  5. Introduction Background Design Implementation Evaluation Summary Basic challanges BFlow requires stronger policy than the SOP . BFlow has to accomplish this without encumbering deployment. Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  6. Introduction Background Design Implementation Evaluation Summary Adversary The goal of the adversary is to read data that he should not be able to. Adversary capabilities are limited to: creating his own account running his own web server writing the JavaScript that the page includes Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  7. Introduction Background Design Implementation Evaluation Summary Adversary The goal of the adversary is to read data that he should not be able to. Adversary capabilities are limited to: creating his own account running his own web server writing the JavaScript that the page includes Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  8. Introduction Background Design Implementation Evaluation Summary Adversary The goal of the adversary is to read data that he should not be able to. Adversary capabilities are limited to: creating his own account running his own web server writing the JavaScript that the page includes Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  9. Introduction Background Design Implementation Evaluation Summary Adversary The goal of the adversary is to read data that he should not be able to. Adversary capabilities are limited to: creating his own account running his own web server writing the JavaScript that the page includes Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  10. Introduction Background Design Implementation Evaluation Summary Adversary The goal of the adversary is to read data that he should not be able to. Adversary capabilities are limited to: creating his own account running his own web server writing the JavaScript that the page includes Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  11. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  12. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  13. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  14. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  15. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  16. Introduction Background Design Implementation Evaluation Summary Adversary ... well adversary capabilities aren’t only limited to this. He can still: compromise host site eavesdrop infect user’s operating system with malware use social-engineering attacks BFlow doesn’t protect against such attacks Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  17. Introduction Background Design Implementation Evaluation Summary Attacks Paths JavaScript injections Third party malicious JavaScript Intra-browser communication Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  18. Introduction Background Design Implementation Evaluation Summary Attacks Paths JavaScript injections Third party malicious JavaScript Intra-browser communication Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  19. Introduction Background Design Implementation Evaluation Summary Attacks Paths JavaScript injections Third party malicious JavaScript Intra-browser communication Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  20. Introduction Background Design Implementation Evaluation Summary Attacks Paths JavaScript injections Third party malicious JavaScript Intra-browser communication Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  21. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The system has to be adopted by: developers web sites users Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  22. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The system has to be adopted by: developers web sites users Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  23. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The system has to be adopted by: developers web sites users Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  24. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The system has to be adopted by: developers web sites users Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  25. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The system has to be adopted by: developers web sites users Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  26. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption - Developers Design a system that preserves features: popular JavaScript constructions communication among concurrent browser scripts communication with remote web servers Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  27. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption - Developers Design a system that preserves features: popular JavaScript constructions communication among concurrent browser scripts communication with remote web servers Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  28. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption - Developers Design a system that preserves features: popular JavaScript constructions communication among concurrent browser scripts communication with remote web servers Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  29. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption - Developers Design a system that preserves features: popular JavaScript constructions communication among concurrent browser scripts communication with remote web servers Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  30. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption - Developers Design a system that preserves features: popular JavaScript constructions communication among concurrent browser scripts communication with remote web servers Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  31. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The design should be easy: for users to install for site developers to adopt for extension developers to adopt Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  32. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The design should be easy: for users to install for site developers to adopt for extension developers to adopt Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  33. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The design should be easy: for users to install for site developers to adopt for extension developers to adopt Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  34. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The design should be easy: for users to install for site developers to adopt for extension developers to adopt Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  35. Introduction Background Design Implementation Evaluation Summary Flexibility and Adoption The design should be easy: for users to install for site developers to adopt for extension developers to adopt Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  36. Introduction Background Design Implementation Evaluation Summary Deployment effort goal Users installing a browser plugin Site developers decide which data is confidential Third-party developers designing extension that handle BFlow Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  37. Introduction Background Design Implementation Evaluation Summary Deployment effort goal Users installing a browser plugin Site developers decide which data is confidential Third-party developers designing extension that handle BFlow Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  38. Introduction Background Design Implementation Evaluation Summary Deployment effort goal Users installing a browser plugin Site developers decide which data is confidential Third-party developers designing extension that handle BFlow Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  39. Introduction Background Design Implementation Evaluation Summary Deployment effort goal Users installing a browser plugin Site developers decide which data is confidential Third-party developers designing extension that handle BFlow Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  40. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  41. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  42. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  43. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  44. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  45. Introduction Background Design Implementation Evaluation Summary Design Design of BFlow consists of: Labels Zones Reference Monitor Gateways Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  46. Introduction Background Design Implementation Evaluation Summary Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  47. Introduction Background Design Implementation Evaluation Summary Design - Label Label is a set of tags Tag is a token indicating category of confidentiality Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  48. Introduction Background Design Implementation Evaluation Summary Design - Label Label is a set of tags Tag is a token indicating category of confidentiality Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  49. Introduction Background Design Implementation Evaluation Summary Design - Label Label is a set of tags Tag is a token indicating category of confidentiality Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  50. Introduction Background Design Implementation Evaluation Summary Design - Zone Zone is a set of frames Zone label reflects data it has seen Zone explicitly asks to change its own label Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  51. Introduction Background Design Implementation Evaluation Summary Design - Zone Zone is a set of frames Zone label reflects data it has seen Zone explicitly asks to change its own label Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  52. Introduction Background Design Implementation Evaluation Summary Design - Zone Zone is a set of frames Zone label reflects data it has seen Zone explicitly asks to change its own label Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  53. Introduction Background Design Implementation Evaluation Summary Design - Zone Zone is a set of frames Zone label reflects data it has seen Zone explicitly asks to change its own label Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  54. Introduction Background Design Implementation Evaluation Summary Design - Invariant Top level frame is always in trusted zone Parent frame must be able to send messages to children Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  55. Introduction Background Design Implementation Evaluation Summary Design - Invariant Top level frame is always in trusted zone Parent frame must be able to send messages to children Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  56. Introduction Background Design Implementation Evaluation Summary Design - Invariant Top level frame is always in trusted zone Parent frame must be able to send messages to children Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  57. Introduction Background Design Implementation Evaluation Summary Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  58. Introduction Background Design Implementation Evaluation Summary Design - Intra-browser Communication Top level frame is always in trusted zone Parent frame must be able to send messages to children postMessage -> postMessageBF Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  59. Introduction Background Design Implementation Evaluation Summary Design - Intra-browser Communication Top level frame is always in trusted zone Parent frame must be able to send messages to children postMessage -> postMessageBF Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  60. Introduction Background Design Implementation Evaluation Summary Design - Intra-browser Communication Top level frame is always in trusted zone Parent frame must be able to send messages to children postMessage -> postMessageBF Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  61. Introduction Background Design Implementation Evaluation Summary Design - Intra-browser Communication Top level frame is always in trusted zone Parent frame must be able to send messages to children postMessage -> postMessageBF Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  62. Introduction Background Design Implementation Evaluation Summary Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  63. Introduction Background Design Implementation Evaluation Summary Design - control browser-server communication Data can flow between browser and web servers RM and the server includes labels in HTTP requests and response Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  64. Introduction Background Design Implementation Evaluation Summary Design - control browser-server communication Data can flow between browser and web servers RM and the server includes labels in HTTP requests and response Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  65. Introduction Background Design Implementation Evaluation Summary Design - control browser-server communication Data can flow between browser and web servers RM and the server includes labels in HTTP requests and response Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  66. Introduction Background Design Implementation Evaluation Summary Design -external server communication BFlow forbids communication after script have seen confidential data ... this is too restrictive for some applications ... so the developer can create a request declassification Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  67. Introduction Background Design Implementation Evaluation Summary Design -external server communication BFlow forbids communication after script have seen confidential data ... this is too restrictive for some applications ... so the developer can create a request declassification Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  68. Introduction Background Design Implementation Evaluation Summary Design -external server communication BFlow forbids communication after script have seen confidential data ... this is too restrictive for some applications ... so the developer can create a request declassification Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  69. Introduction Background Design Implementation Evaluation Summary Design -external server communication BFlow forbids communication after script have seen confidential data ... this is too restrictive for some applications ... so the developer can create a request declassification Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

  70. Introduction Background Design Implementation Evaluation Summary Implementation Implementation includes: Client Server Server Storage Janusz Kudełka Privacy-Preserving Browser-Side Scripting BFlow

Recommend

PHP Introduction ATLS 3020 Digital Media 2 Aileen Pierce Client vs. Server Side Scripting

PHP Introduction ATLS 3020 Digital Media 2 Aileen Pierce Client vs. Server Side Scripting

PHP Introduction ATLS 3020 Digital Media 2 Aileen Pierce Client vs. Server Side Scripting Client-side scripting (browser) Designed to interact with the user s web page Event-driven Restricted to what a web browser can

329 views • 29 slides
CSE 154 LECTURE 6: JAVASCRIPT Client-side scripting client-side script : code runs in browser

CSE 154 LECTURE 6: JAVASCRIPT Client-side scripting client-side script : code runs in browser

CSE 154 LECTURE 6: JAVASCRIPT Client-side scripting client-side script : code runs in browser after page is sent back from server often this code manipulates the page or responds to user actions What is JavaScript? a lightweight

643 views • 29 slides
Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2

Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2

Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2 http://server/path/file Usually when you type a URL in your browser: Your computer looks up the server's IP address using DNS Your browser connects

645 views • 36 slides
JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant

JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant

JavaScript! What is JavaScript? A (traditionally) client-side scripting language Meant (traditionally) to run entirely on the users browser Defined by the ECMAscript standard, published by the ECMA foundation JavaScript != Java,

657 views • 32 slides
CS/COE 1520 pitt.edu/~ach54/cs1520 Client-side scripting: An introduction to Javascript Why?

CS/COE 1520 pitt.edu/~ach54/cs1520 Client-side scripting: An introduction to Javascript Why?

CS/COE 1520 pitt.edu/~ach54/cs1520 Client-side scripting: An introduction to Javascript Why? By themselves, HTML and CSS can provide a description of the structure and presentation of a document to the browser A static document

461 views • 18 slides
Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU Leuven - COSIC 20 November 2012 Privacy Preserving Protocols Introduction Cryptography in Daily Life RFID Privacy

1.04k views • 60 slides
Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a

Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a

Session 19 Server Side Scripting Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a server script provides a way to extend an html page to include logic and insertion of data Understand the

612 views • 12 slides
Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro University College London (UCL) https://emilianodc.com Privacy-preserving what ? Parties with limited mutual trust willing or required to share

1.1k views • 66 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore PETS 2017 Privacy-Preserving Computation with Trusted

477 views • 34 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes Ben-Gurion University, Israel This talk presents joint work with Boris Rozenberg Talk Outline Motivation for Privacy-Preserving Distributed Data

1.48k views • 68 slides
Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong CS573 Data Privacy and Anonymity Partial slides credit: W. Du, Syracuse University, Y. Gao, Peking University Privacy Preserving Data Mining

659 views • 39 slides
Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My experience with biometrics and privacy Academic background on privacy Gradiants goal: transfer of knowledge to industry We bring state of

193 views • 6 slides
Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So whats the problem? Lecture 17 Page 1 CS 236 Online Traffic Analysis

532 views • 21 slides
On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego Overview Bayesian Privacy-preserving

878 views • 75 slides
Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

886 views • 30 slides
Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami ,

Carnus: Exploring the Privacy Threats of Browser Extension Fingerprinting Soroush Karami , Panagiotis Ilia, Konstantinos Solomos, Jason Polakis University of Illinois at Chicago, USA skaram5@uic.edu February 24, 2020 Browser extensions

492 views • 28 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
Jay Urbain, Ph.D. 1 Dynamic HTML is about scripting the DOM to change a web page document after

Jay Urbain, Ph.D. 1 Dynamic HTML is about scripting the DOM to change a web page document after

Dynamic HTML Handling (non-apocalyptic) events from DOM objects Jay Urbain, Ph.D. 1 Dynamic HTML is about scripting the DOM to change a web page document after it is loaded into a browser But how do you know when the browser has finished

309 views • 10 slides
DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy: New Problems and the Search for Solutions March 15 th , 2004 Tal Zarsky The Information Society Project, Yale Law School Introduction: Various

273 views • 25 slides
Don't Trust The Locals: Exploiting Persistent Client-Side Cross-Site Scripting in the Wild Marius

Don't Trust The Locals: Exploiting Persistent Client-Side Cross-Site Scripting in the Wild Marius

Don't Trust The Locals: Exploiting Persistent Client-Side Cross-Site Scripting in the Wild Marius Ste ff ens German OWASP Day 2018 joint work with Christian Rossow, Martin Johns and Ben Stock Dimensions of Cross-Site Scripting Server Client

413 views • 14 slides
Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath, Karl-Peter Fuchs, Dominik Herrmann , Christopher Piosecny University of Hamburg (Germany) 1 Agenda Missing Privacy in DNS Characteristics of DNS Traffic

559 views • 24 slides
JAVASCRIPT an d th e We b ! JAVASCRIPT popular scripting language on the Web, supported by

JAVASCRIPT an d th e We b ! JAVASCRIPT popular scripting language on the Web, supported by

CS 498RK SPRING 2019 JAVASCRIPT an d th e We b ! JAVASCRIPT popular scripting language on the Web, supported by browsers separate scripting from structure (HTML) and presentation (CSS) client- and server-side programming object-oriented,

501 views • 32 slides

More recommend