CIS 607 Seminar: Web Security & Privacy
Instructor: Prof. Jun Li
Syllabus
We hand out a hard copy of the syllabus in the first class.
Course Info
Description
We study and discuss security and privacy issues related to the World Wide Web
(commonly abbreviated as "the Web").
Example issues include:
- Popular web-based vulnerabilities and attacks (phishing, CSRF, XSS, DNS rebinding attacks, etc.)
- New security models for web browser design
- Web site protection
- Web surfing privacy and anonymity
Readings
- Week 2: Robust defenses for cross-site request forgery
- Week 3: Protecting browsers from DNS rebinding attacks
- Week 4: SOMA: mutual approval for included content in web pages
- Week 5: Securing frame communication in browsers
- Week 6: Secure Web Browsing with the OP Web Browser
- Week 7: The Multi-Principal OS Construction of the Gazelle Web Browser
- Week 8: The Security Architecture of the Chromium Browser
- Week 9: Puppetnets: misusing web browsers as a distributed attack infrastructure
- Week 10: TBD.
Last modified: Fri Apr 24 23:30:34 PDT 2009