An Architecture for a Policy-Oriented Web Browser Management System: HiFiPol: Browser

Web browsers are a necessity of today's economy and government. This success is attributed to their flexibility, which is afforded by Turing-complete execution and powerful graphic capabilities, both accessible through the network to trusted and untrusted sites. These capabilities, if maliciously undermined, have high potential for data or system compromise. An approach that can be successfully applied to prevent and mitigate compromise is tailoring browser security settings according to device, user/role, and domain. To make such a high-fidelity security configurations practical, we are designing and implementing HiFiPol: Browser: A policy-oriented and multi-platform Hi-Fidelity security Policy management system for web Browsers. In this article, we describe the architecture of HiFiPol: Browser. We describe in detail all components of the architecture, the tasks needed to implement it in a fully operational system, and the current status on the progress of each task. HiFiPol: Browser has been designed to provide: a) a human-friendly and high-level policy specification language and environment, b) security policy conflict detection and resolution, c) automatic instantiation of high-level policies into configurations, and d) distributed browser configuration deployment. We believe that HiFiPol: Browser will enable the design and implementation of domain-, application-, device-, and user-tailored secure policies within a technically diverse organization.