Web content has shifted from simple documents to active programs, but web protocols and browsers have not evolved adequately to support them. As a result, safety problems in web sites and web browsers now regularly make headlines, from browser exploits to ISPs that modify web pages. In this talk, I will discuss my research into improving the security and reliability of web content and browsers.
After this, I will talk more broadly about my research on web browser security, focusing on the deficiencies of today's web as an application platform. Starting from my prior work on BrowserShield, I will show how we need a safer architecture for running programs within the browser. Like an operating system, this new architecture will need effective mechanisms to define, isolate, and enforce policies on these web programs.
There is no downloadable version of the slides for this talk available at this time.
About the speaker:
Charles Reis is a PhD student in the Department of Computer Science & Engineering at the University of Washington, studying with Steve Gribble and Hank Levy. His current research focuses on improving the security and reliability of web content and web browsers. In the past, he has also worked on models of wireless interference with David Wetherall. Charles received a B.A. and an M.S. in Computer Science from Rice University, where he worked with Corky Cartwright and Peter Druschel. At Rice, Charles was the second lead developer for DrJava, a widely used educational programming environment.