Empowering Mobile Device Security with Smart CDNs

empowering browser security for mobile devices n.w
1 / 14
Embed
Share

Explore research by Ben Livshits and David Molnar from Microsoft Research on enhancing browser security for mobile devices using Smart CDNs. Delve into the challenges of mobile web growth, the impact of CDNs, and potential security services to combat threats. Discover the rise of smart CDNs and the implications for the security landscape.

  • Security
  • Smart CDNs
  • Mobile Devices
  • Research
  • Browser
rayaanacharya
mver Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Empowering Browser Security for Mobile Devices Using Smart CDNs Ben Livshits and David Molnar Microsoft Research 1

  2. Mobile Web Growth 2

  3. Opera Mobile Study 4 http://www.opera.com/media/smw/2009/pdf/smw032009.pdf

  4. Research in Desktop Browser Security ConScript Nozzle [Oakland 10] [UsenixSec 09] StackGuard/HeapGuard NativeClient/XAX [UsenixSec 01/] [Oakland 09/OSDI 08] XSS filters/ worm filters 5

  5. Mobile: Difficulties of Adoption http://developer.android.com/resources/dashboard/platform-versions.html 6

  6. CDNs are Growing 7

  7. Consequence: Fat Middle Tier Rise of smart CDN (sCDN) What does this mean for security? 8

  8. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? 9

  9. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? Let s do the easiest one first 10

  10. Example Service: Nozzle in Mobile Nozzle is a heap spraying prevention system that protects desktop browsers [UsenixSec 09] How to deploy Nozzle on mobile browsers? Software updates on all handsets..? Same problem for any browser based mitigation StackGuard, RandomHeap, your paper at W2SP20XX 11

  11. Example Service: Nozzle in Mobile Run Nozzle in sCDN! Catch heap sprays, pre-render benign pages, ship renders to mobile. 12

  12. More sCDN Security Services Real Time phish tracking Why is everyone suddenly going to whuffo.com? URL reputation 15 other people were owned by this URL XSS filters Fuzz testing seeded with real traces 13

  13. Untrustworthy Infrastructure? Multiple vendors Linksys, Cisco, Akamai, Limelight, Multiple operators Comcast, Sprint, AT&T, T-Mobile, Joe Sixpack, Multiple web applications How do these parties work together? What about privacy? 14

  14. Two Research Directions What if the middle tier is not trustworthy? What new security services can we provide? 15

Related


No related presentations.

More Related Content