Ensuring Resource Trust and Integrity in Web Browsers Using Blockchain Technology

Cap, Clemens. H and Leiding, Benjamin (2018) Ensuring Resource Trust and Integrity in Web Browsers Using Blockchain Technology. In: Advanced Information Systems Engineering Workshops - CAiSE 2018 International Workshops, Tallinn, Estonia.

[img] Text
cap-leiding-trust-integrity-web-browsers-bioc.pdf
Restricted to Registered users only
Download (431kB)

Abstract

Current web technology allows the use of cryptographic primitives as part of server-provided Javascript. This may result in security problems with web-based services. We provide an example for an attack on the WhisperKey service. We present a solution which is based on human code reviewing and on CVE (Common Vulnerabilities and Exposures) data bases. In our approach, existing code audits and known vulnerabilities are tied to the Javascript file by a tamper-proof Blockchain approach and are signaled to the user by a browser extension. The contribution explains our concept and its workflow; it may be extended to all situations with modular, mobile code. Finally, we propose an amendment to the W3C subresource recommendation.

Item Type: Conference or Workshop Item (Paper)
Subjects: Main Topics > Blockchain
Projects > BloSSom 2019
Main Topics > Security
Divisions: Computer Science
Depositing User: Unnamed user with email richard.dabels@uni-rostock.de
Date Deposited: 03 Sep 2019 16:35
Last Modified: 03 Sep 2019 16:35
URI: http://blossom.informatik.uni-rostock.de/id/eprint/35

Actions (login required)

View Item View Item
Blockchain is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.