YoVDO

The "Web/Local" Boundary Is Fuzzy - A Security Study of Chrome's Process-based Sandboxing

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Cybersecurity Courses Web Security Courses Browser Security Courses Same-Origin Policy Courses

Course Description

Overview

Explore a security study on Chrome's process-based sandboxing presented at the 23rd ACM Conference on Computer and Communications Security. Delve into the fuzzy boundary between web and local content, examining concrete attacks, Same-Origin Policies (SOPs), memory partitioning, and browser memory safety. Learn about fingerprinting techniques, data-oriented attacks, and Google's IFrame isolation. Gain insights from researchers at the National University of Singapore and Microsoft Research as they discuss the implications of these security vulnerabilities and potential solutions. Conclude with a Q&A session to further understand the complexities of web browser security.

Syllabus

Introduction
WebLocal Boundary
Fuzzy WebLocal Boundary
Concrete Attacks
SOPs
Can we skip SOPs
Memory Partitioning
Fingerprinting
DataOriented Attacks
Browser Memory Safety
Google IFrame Isolation
Conclusion
Questions


Taught by

ACM CCS

Related Courses

Introduction to Cyber Security
Uttarakhand Open University, Haldwani via Swayam The Complete Cyber Security Course : Network Security!
Udemy The Beginners 2024 Cyber Security Awareness Training Course
Udemy Modern Browser Security Reports
Pluralsight JavaScript Security Part 1
Infosec via Coursera