Recently Microsoft Research has published an interesting article on a secure web browser, Gazelle constructed as a multi-principal OS. Gazelle's Browser Kernel is an operating system that exclusively manages resource protection and sharing across web site principals. This construction exposes intricate design issues that no previous work has identified, such as legacy protection of cross-origin script source, and cross-principal, cross-process display and events protection.
Microsoft’s prototype implementation and evaluation experience indicates that it is realistic to turn an existing browser into a multi-principal OS that yields significantly stronger security and robustness with acceptable performance and backward compatibility.
For more details, go through this PDF. Gazelle’s Browser Kernel exclusively provides cross-principal protection and fair sharing of all system resources. This paper focuses on resource protection only.
No comments:
Post a Comment