Hardening the Client-Side: A Guide to Enterprise-Level Hardening of Web Browsers

机译：强化客户端：Web浏览器企业级强化指南

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Today, web browsers are a major avenue for cyber-compromise and data breaches. Web browser hardening, through high-granularity and least privilege tailored configurations, can help prevent or mitigate many of these attack avenues. For example, on a classic client desktop infrastructure, an enforced configuration that enables users to use one browser to connect to critical and trusted websites and a different browser for un-trusted sites, with the former restricted to trusted sites and the latter with JavaScript and Plugins disabled by default, may help prevent most JavaScript and Plugin-based attacks to critical enterprise sites. However, most organizations, today, still allow web browsers to run with their default configurations and allow users to use the same browser to connect to trusted and un-trusted sites alike. In this article, we present detailed steps for remotely hardening multiple web browsers in a Windows-based enterprise, for Internet Explorer and Google Chrome. We hope that system administrators use this guide to jump-start an enterprise-wide strategy for implementing high-granularity and least privilege browser hardening. This will help secure enterprise systems at the front-end in addition to the network perimeter.

机译：如今，Web浏览器已成为解决网络威胁和数据泄露的主要途径。通过高粒度和最低特权量身定制的配置，Web浏览器强化可以帮助防止或缓解许多此类攻击途径。例如，在经典客户端桌面基础结构上，强制配置使用户能够使用一个浏览器连接到关键和受信任的网站，对于不信任的站点使用不同的浏览器，前者仅限于受信任的站点，而后者则使用JavaScript和默认情况下禁用的插件可能有助于防止对关键企业站点的大多数基于JavaScript和基于插件的攻击。但是，今天，大多数组织仍然允许Web浏览器以其默认配置运行，并允许用户使用同一浏览器来连接到受信任和不受信任的站点。在本文中，我们提供了详细的步骤，用于针对Internet Explorer和Google Chrome远程加固基于Windows的企业中的多个Web浏览器。我们希望系统管理员可以使用本指南来启动企业范围的策略，以实现高粒度和最低特权的浏览器强化。除了网络外围，这还将有助于保护前端的企业系统。

著录项

来源
《2017 IEEE 15th International Conference on Dependable, Autonomic and Secure Computing, 2017 IEEE 15th International Conference on Pervasive Intelligence and Computing, 2017 IEEE 3rd International Conference on Big Data Intelligence and Computing, 2017 IEEE Cyber Science and Technology Congress》|2017年|687-692|共6页
会议地点 Orlando(US)
作者
Ananth A. Jillepalli; Daniel Conte de Leon; Stu Steiner; Frederick T. Sheldon; Michael A. Haney;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Browsers; Computers; Servers; Tools; Security; Organizations; Vegetation;

机译：浏览器;计算机;服务器;工具;安全性;组织;植被;;

相似文献

外文文献
中文文献
专利

1. Hardening web browser security configuration using machine learning technique [J] . Harshad Wadkar, Arun Mishra International Journal of Electronic Business . 2020,第3期

机译：使用机器学习技术硬化Web浏览器安全配置
2. Demystifying the Imperfect Client-Side Cache Performance of Mobile Web Browsing [J] . Xuanzhe Liu, Yun Ma, Yunxin Liu, IEEE transactions on mobile computing . 2016,第9期

机译：揭秘移动Web浏览不完美的客户端缓存性能
3. VALIDATING JAVASCRIPT GUIDELINES ACROSS MULTIPLE WEB BROWSERS [J] . ZOLTáN HERCZEG, GáBOR LóKI, TAMáS SZIRBUCZ, Nordic journal of computing . 2013,第1期

机译：验证多个Web浏览器中的JAVASCRIPT指南
4. Hardening the Client-Side: A Guide to Enterprise-Level Hardening of Web Browsers [C] . Ananth A. Jillepalli, Daniel Conte de Leon, Stu Steiner, IEEE International Conference on Pervasive Intelligence and Computing . 2017

机译：硬化客户端：网络浏览器的企业级硬化指南
5. G-hardening of commercial off the shelf components for small guided projectiles [D] . Decoto, Jake. 2011

机译：G-HARDENTED为小型引导射弹的货架组件
6. SILVA tree viewer: interactive web browsing of the SILVA phylogenetic guide trees [O] . Alan Beccati, Jan Gerken, Christian Quast, 2017

机译：SILVA树查看器：SILVA系统发育指南树的交互式Web浏览
7. Hardening Web Browsers Against Man-in-the-Middle and Eavesdropping Attacks [O] . Haidong Xia, José Carlos Brustoloni 2005

机译：加强Web浏览器对抗中间人和窃听攻击

Hardening the Client-Side: A Guide to Enterprise-Level Hardening of Web Browsers

摘要

著录项

相似文献

相关主题

期刊订阅