Abstract
Website publishers can derive enormous performance benefits and cost savings by directing traffic to their sites through content distribution networks (CDNs). However, publishers who use CDNs must trust they won't modify the site's JavaScript, CSS, images, or other media en route to end users. A CDN that violates this trust could inject ads into websites, downsample media to save bandwidth, or, worse, inject malicious JavaScript code to steal user secrets it couldn't otherwise access. The authors present Stickler, a system for website publishers that guarantees the end-to-end authenticity of content served to users that simultaneously lets publishers reap the benefits of CDNs. Crucially, Stickler achieves these guarantees without requiring modifications to the browser.
Original language | English (US) |
---|---|
Article number | 7448352 |
Pages (from-to) | 22-28 |
Number of pages | 7 |
Journal | IEEE Security and Privacy |
Volume | 14 |
Issue number | 2 |
DOIs | |
State | Published - Mar 1 2016 |
Externally published | Yes |
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Electrical and Electronic Engineering
- Law
Keywords
- Browsers
- Computer security
- Content distribution networks
- Cryptography
- Malware
- Privacy
- Servers