Microsoft Research, in conjunction with researchers at several prominent technology-oriented universities, has published a thesis on what a new secure Web browser should look like. The paper addresses a number of security issues that have dogged browsers from day one, and gives hints at a possible future direction for Internet Explorer.
The Gazelle Web browser, as it’s codenamed, is a “secure web browser constructed as a multi-principal OS,” according to the report. It’s the outcome of a project under development at Microsoft Research called “MashupOS,” which Microsoft has discussed publicly.
In that paper, Microsoft researchers noted that the evolution of the browser “has led to an inadequate security model that forces Web applications to choose between security and interoperation.” MashupOS is “a set of abstractions that isolate mutually-untrusting web services within the browser, while allowing safe forms of communication.”
The problem, as Microsoft outlined, is that in a Web 2.0 world, you have to choose between convenience or security. The convenience of running mashups has to be countered against the security question of visiting one trusted Web site that may be pulling in applications and services from multiple unknown, untrusted Web sites.
The aim of MashupOS is to provide cross-domain protection that prevents code in one domain from compromising the integrity of other domains, controlling the communication lines between domains, and making minimal changes to the existing Web API to maintain backwards compatibility.
The authors noted that no existing browsers have a multi-principal operating system construction that gives the browser exclusive control to manage the protection of all system resources. In other words, browsers use the operating system’s kernel.
Turning the browser into an operating system
The Gazelle browser uses its own kernel, effectively turning the app into an operating system. This allows it to examine and identify traffic as it’s passed through the browser’s subsystems and lets it react to anything malicious with far more control than browser have previously had.
But don’t hold your breath for a new Gazelle-based browser. Microsoft officials say this is, for now, strictly a research project and there are no plans to productize Gazelle anytime soon.