Cap, Clemens. H and Leiding, Benjamin (2018) Ensuring Resource Trust and Integrity in Web Browsers Using Blockchain Technology. In: Advanced Information Systems Engineering Workshops - CAiSE 2018 International Workshops, Tallinn, Estonia.
Text
cap-leiding-trust-integrity-web-browsers-bioc.pdf Restricted to Registered users only Download (431kB) |
Abstract
Current web technology allows the use of cryptographic primitives as part of server-provided Javascript. This may result in security problems with web-based services. We provide an example for an attack on the WhisperKey service. We present a solution which is based on human code reviewing and on CVE (Common Vulnerabilities and Exposures) data bases. In our approach, existing code audits and known vulnerabilities are tied to the Javascript file by a tamper-proof Blockchain approach and are signaled to the user by a browser extension. The contribution explains our concept and its workflow; it may be extended to all situations with modular, mobile code. Finally, we propose an amendment to the W3C subresource recommendation.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Subjects: | Main Topics > Blockchain Projects > BloSSom 2019 Main Topics > Security |
Divisions: | Computer Science |
Depositing User: | Unnamed user with email richard.dabels@uni-rostock.de |
Date Deposited: | 03 Sep 2019 16:35 |
Last Modified: | 03 Sep 2019 16:35 |
URI: | http://blossom.informatik.uni-rostock.de/id/eprint/35 |
Actions (login required)
View Item |