- Security '12 Home
- Registration Information
- Registration Discounts
- Organizers
- At a Glance
- Calendar
- Technical Sessions
- Workshops
- Hotel & Travel Information
- Poster Session
- Rump Session
- Birds-of-a-Feather Sessions
- Sponsors
- Activities
- Students
- Questions?
- For Participants
- Help Promote
- Call for Papers
- Past Proceedings
sponsors
usenix conference policies
Establishing Browser Security Guarantees through Formal Shim Verification
Website Maintenance Alert
Due to scheduled maintenance, the USENIX website may not be available on Monday, March 17, from 10:00 am–6:00 pm Pacific Daylight Time (UTC -7). We apologize for the inconvenience and thank you for your patience.
If you would like to register for NSDI '25, SREcon25 Americas, or PEPR '25, please complete your registration before or after this time period.
Dongseok Jang, Zachary Tatlock, and Sorin Lerner, University of California, San Diego
Web browsers mediate access to valuable private data in domains ranging from health care to banking. Despite this critical role, attackers routinely exploit browser vulnerabilities to exfiltrate private data and take over the underlying system. We present QUARK, a browser whose kernel has been implemented and verified in Coq. We give a specification of our kernel, show that the implementation satisfies the specification, and finally show that the specification implies several security properties, including tab non-interference, cookie integrity and confidentiality, and address bar integrity.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Dongseok Jang and Zachary Tatlock and Sorin Lerner},
title = {Establishing Browser Security Guarantees through Formal Shim Verification},
booktitle = {21st USENIX Security Symposium (USENIX Security 12)},
year = {2012},
isbn = {978-931971-95-9},
address = {Bellevue, WA},
pages = {113--128},
url = {https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/jang},
publisher = {USENIX Association},
month = aug
}
Presentation Video
- Chapters
- subtitles off
- captions off
This is a modal window.
connect with us