A Policy Based Approach for the Management of Web Browser Resources to Prevent Anonymity Attacks in Tor
Tipo de Publicación:
Conference PaperOrigen:
24th IFIP TC-11 International Information Security Conference (SEC2009), Springer Boston, Volumen297/2009, Cyprus, p.164-175 (2009)ISBN:
978-3-642-01243-3URL:
http://www.springerlink.com/content/l12k23678011l1t2Palabras clave:
privacy; anonymity; TorResumen:
Web browsers are becoming the universal interface to reach
applications and services related with these systems. Different
browsing contexts may be required in order to reach them, e.g., use
of VPN tunnels, corporate proxies, anonymisers, etc. By browsing
\emph{context} we mean how the user browsers the Web, including
mainly the concrete configuration of its browser. When the context
of the browser changes, its security requirements also change. In
this work, we present the use of authorisation policies to
automatise the process of controlling the resources of a Web browser
when its context changes. The objective of our proposal is oriented
towards easing the adaptation to the security requirements of the
new context and enforce them in the browser without the need for
user intervention. We present a concrete application of our work as
a \emph{plug-in} for the adaption of security requirements in
Mozilla/Firefox browser when a context of anonymous navigation
through the Tor network is enabled.