Adam Barth

RFC, November, 2012

A Learning-Based Approach to Reactive Security.

[BibT_eX]

[DOI]

Benjamin I. P. Rubinstein

IEEE Trans. Dependable Secur. Comput., 2012

2011

The Web Origin Concept.

[BibT_eX]

[DOI]

RFC, December, 2011

HTTP State Management Mechanism.

[BibT_eX]

[DOI]

RFC, April, 2011

How Open Should Open Source Be?

[BibT_eX]

[DOI]

Benjamin I. P. Rubinstein

Saung Li

CoRR, 2011

Towards Client-side HTML Security Policies.

[BibT_eX]

[DOI]

Joel Weinberger

Proceedings of the 6th USENIX Workshop on Hot Topics in Security, 2011

App isolation: get the security of multiple browsers with just one.

[BibT_eX]

[DOI]

Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010

Regular expressions considered harmful in client-side XSS filters.

[BibT_eX]

[DOI]

Daniel Bates

Proceedings of the 19th International Conference on World Wide Web, 2010

Preventing Capability Leaks in Secure JavaScript Subsets.

[BibT_eX]

[DOI]

Matthew Finifter

Joel Weinberger

Proceedings of the Network and Distributed System Security Symposium, 2010

Protecting Browsers from Extension Vulnerabilities.

[BibT_eX]

[DOI]

Proceedings of the Network and Distributed System Security Symposium, 2010

Towards a Formal Foundation of Web Security.

[BibT_eX]

[DOI]

Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2010

2009

Protecting browsers from DNS rebinding attacks.

[BibT_eX]

[DOI]

ACM Trans. Web, 2009

Browser security: lessons from Google Chrome.

[BibT_eX]

[DOI]

Charles Reis

Carlos Pizano

Commun. ACM, 2009

Securing frame communication in browsers.

[BibT_eX]

[DOI]

Commun. ACM, 2009

Rootkits for JavaScript Environments.

[BibT_eX]

[DOI]

Ben Adida

Proceedings of the 3rd USENIX Workshop on Offensive Technologies, 2009

Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense.

[BibT_eX]

[DOI]

Joel Weinberger

Proceedings of the 18th USENIX Security Symposium, 2009

Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves.

[BibT_eX]

[DOI]

Juan Caballero

Proceedings of the 30th IEEE Symposium on Security and Privacy (SP 2009), 2009

2008

Design and analysis of privacy policies.

[BibT_eX]

[DOI]

PhD thesis, 2008

Forcehttps: protecting high-security web sites from network attacks.

[BibT_eX]

[DOI]

Proceedings of the 17th International Conference on World Wide Web, 2008

Robust defenses for cross-site request forgery.

[BibT_eX]

[DOI]

Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

2007

An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks.

[BibT_eX]

[DOI]

Proceedings of the Financial Cryptography and Data Security, 2007

Privacy and Utility in Business Processes.

[BibT_eX]

[DOI]

Proceedings of the 20th IEEE Computer Security Foundations Symposium, 2007

2006

Privacy and Contextual Integrity: Framework and Applications.

[BibT_eX]

[DOI]

Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), 2006

Managing Digital Rights using Linear Logic.

[BibT_eX]

[DOI]

Proceedings of the 21th IEEE Symposium on Logic in Computer Science (LICS 2006), 2006

Privacy in Encrypted Content Distribution Using Private Broadcast Encryption.

[BibT_eX]

[DOI]

Dan Boneh

Brent Waters

Proceedings of the Financial Cryptography and Data Security, 2006

2005

High performance imaging using large camera arrays.

[BibT_eX]

[DOI]

ACM Trans. Graph., 2005

Enterprise privacy promises and enforcement.

[BibT_eX]

[DOI]

Proceedings of the POPL 2005 Workshop on Issues in the Theory of Security, 2005

2004

Conflict and combination in privacy policy languages.

[BibT_eX]

[DOI]