Date Added: Jun 2010
Web publishers frequently integrate third-party advertisements into web pages that also contain sensitive publisher data and end-user personal data. This practice exposes sensitive page content to confidentiality and integrity attacks launched by advertisements. In this paper, the authors propose a novel framework for addressing security threats posed by third-party advertisements. The heart of the framework is an innovative isolation mechanism that enables publishers to transparently interpose between advertisements and end users. The mechanism supports fine-grained policy specification and enforcement, and does not affect the user experience of interactive ads. Evaluation of the framework suggests compatibility with several mainstream ad networks, security from many threats from advertisements and acceptable performance overheads.