Thesis (M.S., Computer Science) -- University of Idaho, 2017 | Web-browsers have been so successful today, that they are a necessity to both private and public sectors. Reasons behind such a success are: flexibility through Turing-complete execution and powerful graphic capabilities, which are accessible through network by both trusted and untrusted sites. These capabilities lead to multiple vulnerabilities. To prevent or mitigate the probability of vulnerabilities being exploited, a successful approach can be to configure all the web-browsers by specifying multi-level-granularity and tailored high-level secure policies. Where in, the policies are transformed into configuration files and deployed to all the applicable machines in a domain. In addition, the policies should accommodate the attributes: devices, users/roles, applications, and domains of an organization. During our background study, we were not able to find any policy-oriented centralized system which had the tailored browser security settings approach, with the ability to accommodate devices, users/roles, applications, and domains. Therefore, we made it our mission to design and practically implement a centralized system called as HiFiPol:Browser, which is a policy-oriented, multi-platform, and high-fidelity security policy management system for web-browsers.
The contributions reported in this thesis are: (a) present a requirement for policy-oriented granularity-supporting web browser configuration tools, by demonstrating one of the current methods for remote web browser configuration, and leveraging upon the disadvantages of current method (b) architecture and component design of HiFiPol:Browser - a policy-oriented, granularity-supporting web browser configuration tool, and (c) designed and developed prototype of a High-level, Easy-to-use, Reconfigurable, Machine Environment Specification Language: HERMES