Security

Residue Objects: A Challenge to Web Browser Security

Free registration required

Executive Summary

A complex software system typically has a large number of objects in the memory, holding references to each other to implement an object model. Deciding when the objects should be active is non-trivial, but the decisions can be security-critical. This is especially true for web browsers: if certain browser objects do not disappear when the new page is switched in, basic security properties can be compromised, such as visual integrity, document integrity and memory safety. Authors refer to these browser objects as residue objects.

  • Format: PDF
  • Size: 255.37 KB