TitleA Policy Based Approach for the Management of Web Browser Resources to Prevent Anonymity Attacks in Tor
Publication TypeConference Paper
Year of Publication2009
AuthorsNavarro-Arribas G, Garcia-Alfaro J
Conference Name24th IFIP TC-11 International Information Security Conference (SEC2009)
PublisherSpringer Boston
Conference LocationCyprus
Date Published18/05/2009
ISBN Number978-3-642-01243-3
Keywordsanonymity, Privacy, Tor

Web browsers are becoming the universal interface to reach applications and services related with these systems. Different browsing contexts may be required in order to reach them, e.g., use of VPN tunnels, corporate proxies, anonymisers, etc. By browsing \emph{context} we mean how the user browsers the Web, including mainly the concrete configuration of its browser. When the context of the browser changes, its security requirements also change. In this work, we present the use of authorisation policies to automatise the process of controlling the resources of a Web browser when its context changes. The objective of our proposal is oriented towards easing the adaptation to the security requirements of the new context and enforce them in the browser without the need for user intervention. We present a concrete application of our work as a \emph{plug-in} for the adaption of security requirements in Mozilla/Firefox browser when a context of anonymous navigation through the Tor network is enabled.