Fine-Grained Data-Centric Content Protection Policy for Web Applications

The vast amount of sensitive data in modern web applications has become a prime target for cyberattacks. Existing browser security policies disallow the execution of unknown scripts, but do not restrict access to sensitive web content by 'trusted' third-party scripts. Therefore, the over-privileged third-party scripts can compromise the confidentiality and integrity of sensitive user data in the applications.