CSP Synthesis

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Chiarot, Giacomo <1995> it_IT
dc.date.accessioned 2019-06-20 it_IT
dc.date.accessioned 2019-11-20T07:09:24Z
dc.date.issued 2019-07-10 it_IT
dc.identifier.uri http://hdl.handle.net/10579/15392
dc.description.abstract Cross Site Scripting (XSS) is a widespread web vulnerability that allows an attacker to inject code in a web page, fully compromising it. Content- Security-Policy (CSP) is a security mechanism that limits the effects of XSS attacks. However it is hard to configure and, for this reason, it is not widely adopted. For the same reason, many real policies in the wild are misconfigured. In this thesis we present a Chrome extension for semi-automatically generating and enforcing CSP while navigating the web. We analyze the generated policies to see if the extension does not break the navigation while enforcing the security of users surfing the Web. The extension is useful both for end users and for developers, since it is able to build a policy that can be permanently included in a new website. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Giacomo Chiarot, 2019 it_IT
dc.title CSP Synthesis it_IT
dc.title.alternative CSP Synthesis it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2018/2019_sessione_estiva it_IT
dc.rights.accessrights closedAccess it_IT
dc.thesis.matricno 854893 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend 10000-01-01
dc.provenance.upload Giacomo Chiarot (854893@stud.unive.it), 2019-06-20 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2019-07-08 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record