Explore a groundbreaking architecture for protecting sensitive user data during web browsing sessions, even in the presence of a fully compromised browser and operating system. Learn about Fidelius, a system that leverages trusted hardware enclaves integrated into browsers to safeguard user secrets. Discover how this innovative approach addresses challenges in providing browser protection in malicious environments, offering support for form data integrity and privacy, secure JavaScript execution, XMLHttpRequests, and protected web storage. Examine the protocols developed for secure interactions between the enclave and various components, including the browser, keyboard, and display. Gain insights into the user interface considerations that ensure a consistent and simple experience for both developers and users. Understand the implementation of the first open-source system providing a trusted path from input/output peripherals to a hardware enclave without relying on additional hypervisor security assumptions. Evaluate Fidelius's performance overhead and its impact on page load times and user interactions for secured pages.
Fidelius - Protecting User Secrets from Compromised Browsers
Overview
Syllabus
Fidelius: Protecting User Secrets from Compromised Browsers
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
An Extensible Orchestration and Protection Framework for Confidential Cloud Computing
-
Beauty and the Beast - Diverting Modern Web Browsers to Build Unique Browser Fingerprints
-
EmPoWeb - Empowering Web Applications with Browser Extensions
-
The Leaky Web - Automated Discovery of Cross-Site Information Leaks in Browsers and the Web
-
Privacy-from-Birth - Protecting Sensed Data from Malicious Sensors with VERSA
-
Understanding the Prevailing Security Vulnerabilities in TrustZone-Assisted TEE Systems
