Content delivered through web browsers continues to be a prominent method of attack in personal computing systems. Executable scripts (such as JavaScript) and enabling cookies provide the user with a richer browsing experience and convenience of use. This includes everything from drop down menus and customizable display settings to pre-filled forms and user/password recognition. However, these features leave the user vulnerable to cyber security attacks that are typically unmitigated by standard browser-security settings. Even when a browser is restarted preset authentications remain intact. One way around this is to use different browsers for different purposes, but this is not always practical.
Researchers at ASU have developed software that automates the best manual security-compartmentalization practices by generating a fresh browsing instance (FBI) for sensitive websites. The automation is transparent to the user and does not require any modification of how non-sensitive content is accessed. Auto-FBI predefines sensitive content for novice users but also allows advanced users to designate conflict of interest classes, even permitting content from sites in the same user-defined class to coexist in a browser instance. This provides the same secure access achieved by using multiple browsers all in one.
Potential Applications
- Browser Extensions/Add-ons
- Web Applications
- Internet Security
Benefits and Advantages
- Automated – Once installed it does not require any intervention from the user.
- Practical – Same secure access to sensitive web obtained by using multiple browsers all within the same browser.
- Compatible – Supports most conventional browsers.
- User-friendly – Established security settings for casual users while giving experienced user advanced options for enhanced browsing control.
For more information about the inventor(s) and their research, please see
Dr. Rita Bazzi's directory webpage