The Web has become the key access point to a plethora of security-sensitive services, which we use on a daily basis, yet it was not designed with security or privacy in mind. Many key mechanisms we typically rely on today for critical functionality were arguably not designed for security (such as cookies for authentication purposes) and numerous mechanisms have been piecemeal retrofitted to the Web to add security to it. These mechanisms often represent sub-optimal solutions, since they are primarily designed as lightweight security patches intended to not cause breakage to existing web applications. In this workshop, we want to move away from augmenting the Web with Se curity and rather design Se curity for the Web.
IEEE European Symposium on Security and Privacy (EuroS&P)
2020-01-11
2024-10-08