Daniel Hausknecht, Data- och informationsteknik

​Web Application Content Security

Today, the Web is ubiquitous. Websites have long moved from static information pages sent to a client browser for sheer display. Today, websites widely implement complex web applications as powerful as on a device installed applications. Today, people use browsers to chat and share pictures with friends and family, go shopping or even manage their bank accounts online.

Naturally, a lot of private data is involved. Data that should be protected against unintended recipients, against hackers. To this end, the web community has come up with several protection mechanisms to secure the content of web applications.

In this thesis we analyze various client-side web security problems. For example we investigate the deployment of security critical web services like online password meters and password generators, and the client-side security configurations of login pages of the 100.000 most visited websites. We study how and if certain security problems are addressed by real world web applications, if sufficient protection mechanisms exist, and propose solutions to improve the state of the art for web security.
Daniel Hausknecht tillhör avdelningen för informationssäkerhet vid Institutionen för data- och informationsteknik. 

Opponent
Professor Davide Balzarotti, Eurocom, Frankrike.

Betygsnämnd
Biträdande professor William Robertson, Northeastern University, Boston MA, USA.
Professor Christian Rossow, Saarland University, Tyskland.
Adjunct professor Christian Gehrmann, Lunds Universitet, Sverige.

Länk till avhandlingen


Kategori Disputation
Plats: ED, lecture hall, EDIT-building, Hörsalsvägen 11, Johanneberg
Tid: 2018-08-31 10:00
Sluttid: 2018-08-31 11:00

Publicerad: må 09 jul 2018. Ändrad: on 22 aug 2018