Securing the Flow

The collaboration server handles communication in two distinct ways during embedded (on-premises) co-browsing.

The collaboration server transmits the structure of the website from the visitor's browser to the agent. To do this, it analyzes the structure of the website, that is, its Document Object Model (DOM), and transmits any changes it detects. This transmission contains the following information:

  • The layout of the website (which elements are where).

  • The events on the visitor computer (e.g., mouse pointer location, action feedback for when the agent clicks a link or highlights an element).

  • Data URLs and canvas images. Data URLs can be disabled on the collaboration server side, but often are not because the website uses them. Canvas processing can also be disabled, but then the canvas parts of the website will not be visible on the agent side.

  • The website text.

The transmission does not contain:

  • JavaScript code. In order to ensure that an attacker cannot supply manipulated JavaScript code to the agent, all code is removed by the collaboration server.

    Note: JavaScript is still executed in the visitor's browser and processed results are forwarded to the agent, so the website still works normally.

  • Other embedded media or executable code.
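
The filtering described above can be sketched as follows. This is an added illustration, not the collaboration server's own code: it re-serializes a DOM snapshot without scripts, event-handler attributes, script-scheme URLs or embedded objects, and optionally without data URLs. The element and attribute lists, `SnapshotFilter`, `sanitize` and the sample markup are assumptions made for the example.

```python
import re
from html import escape
from html.parser import HTMLParser

# Assumed policy for this sketch, not the product's real rule set.
DROP = {"script", "object", "embed", "applet"}  # removed together with their content
URL_ATTRS = {"href", "src", "action", "formaction", "xlink:href"}

class SnapshotFilter(HTMLParser):
    def __init__(self, allow_data_urls=True):
        super().__init__(convert_charrefs=True)
        self.blocked = ("javascript:", "vbscript:") + (() if allow_data_urls else ("data:",))
        self.out, self.skip = [], 0  # skip > 0 while inside a dropped element

    def _keep(self, name, value):
        if name.startswith("on"):  # onclick, onerror, ...
            return False
        url = re.sub(r"[\x00-\x20]", "", value or "").lower()  # browsers ignore these in a scheme
        return not (name in URL_ATTRS and url.startswith(self.blocked))

    def handle_starttag(self, tag, attrs):
        if tag in DROP:
            self.skip += (tag != "embed")  # <embed> is void: no content to skip
        elif not self.skip:
            kept = "".join(f" {n}" if v is None else f' {n}="{escape(v)}"'
                           for n, v in attrs if self._keep(n, v))
            self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP:
            self.skip = max(0, self.skip - (tag != "embed"))
        elif not self.skip:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def sanitize(html, allow_data_urls=True):
    f = SnapshotFilter(allow_data_urls)
    f.feed(html)
    f.close()
    return "".join(f.out)

# Constructed sample: markup as a visitor-controlled page might serialize.
SAMPLE = ('<div onclick="steal()"><a href=" JaVa&#9;Script:alert(1)">offer</a>'
          '<script>alert(1)</script><img src="data:image/png;base64,AAAA" onerror="x()" alt="logo">'
          '<object data="x.swf"><b>fallback</b></object><p>1 &lt; 2</p></div>')
print(sanitize(SAMPLE, allow_data_urls=False))
```

Comments and declarations are dropped as well, and an unclosed dropped element suppresses everything after it, so the filter fails closed.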

How the Collaboration Server Transmits Media Files

The collaboration server uses a separate connection for media files, such as PDFs and images. This provides the following advantages:

  • For on-premises environments, media files are transmitted internally, so no media files from outside the company end up on the agent's computer.

  • An attacker cannot supply a manipulated media file to the agent.

  • The collaboration server can keep track of media files that are created dynamically for the customer. To do this, it copies the files into an internal cache before they go out to the customer.

Potential Attack Types

| Attack type | How the collaboration server deals with the attack |
| --- | --- |
| Attacker pretends to be a visitor and tries to run code on the agent's computer. | Removes all executable code before transmitting the web page to the agent. |
| The attacker pretends to be a visitor and inserts a link to a (malicious) media file into the web content. | The collaboration server loads all media files directly from your web server. It never transmits a file from the internet to the agent. Note: Only for image and stylesheet references. |
| The attacker tries to eavesdrop on an existing visitor session. | The collaboration server relies on the safety of your connection, usually managed through a web application firewall. To eavesdrop on a visitor session, an attacker has to break your connection first. |
| The attacker tries to hijack an existing visitor session. | The collaboration server checks the integrity of the connection and terminates it immediately if the integrity is compromised. |
| An attacker inside of your company's IT network tries to hijack an existing session. | You can configure the collaboration server in a way that consultants have to log in and cannot participate in multiple concurrent sessions. You can also restrict the content that consultants can see and what actions are permitted on the visitor's web page. |
| The agent abuses his position and tries to execute malicious commands as the visitor. | All versions of unblu provide for the ability to specify exactly what agents can see or do on the visitor's web page. |
| The attacker pretends to be a visitor and tries to guess another visitor's PIN. | The PIN is only valid for a very limited period of time. |
