Welcome!

Open Web Authors: PR.com Newswire, David Weinberger, Louis Nauges, Pat Romanski, Sarah Lake

Related Topics: .NET, Search, Open Web

.NET: Article

Browser as Operating System Microsoft-Style

Microsoft Research has been working on a browser code named Gazelle that it will describe next month

Google's not the only one spouting the old Netscape line about the browser as platform or trying to evolve it into an operating system that can support an increasingly sophisticated web environment. Microsoft, which has yet to dignify word of Google's proposed Chrome OS with a response, has similar ideas.

As part of a long-term project meant to bring web applications into functional and quality parity with desktop apps, Microsoft Research has been working on a browser code-named Gazelle that it will describe next month at the Usenix Security Symposium in Montreal.

Microsoft says it's the first time a browser has been implemented as a so-called multi-principal operating system but insists it's just research, not a product prototype.

In browser-speak a principal is a web site. So multi-principals are web pages that consist of content from different principals, each demanding resources that are unmanaged because the traditional browser's not up to it.

That means "an ad containing malicious or poorly written code could hog the network connection, degrade performance, freeze the entire page, or crash the browser."

But "in a browser operating system, a ‘bad' principal would not be allowed to affect other principals, the browser, or the host machine."

Gazelle's kernel is an operating system that "exclusively manages resource protection and sharing across web site principals."

In Microsoft's history of creation, "Web browsers originated as applications that people used to view static web sites sequentially. As web sites evolved into dynamic web applications composing content from various web sites, browsers have become multi-principal operating environments with resources shared among mutually distrusting web site principals. Nevertheless, no existing browsers, including new architectures like IE8, Google Chrome and OP, have a multi-principal operating system construction that gives a browser-based OS the exclusive control to manage the protection of all system resources among web site principals."

Microsoft says "this construction exposes intricate design issues that no previous work has identified, such as legacy protection of cross-origin script source, and cross-principal, cross-process display and events protection."

It believes its prototype implementation "indicates that it is realistic to turn an existing browser into a multi-principal OS that yields significantly stronger security and robustness with acceptable performance and backward compatibility" with existing web applications.

"In the Gazelle model, the browser-based OS, typically called the browser kernel, protects principals from one another and from the host machine by exclusively managing access to computer resources, enforcing policies, handling inter-principal communications, and providing consistent, systematic access to computing devices."

It puts each principal including plug-in content in a separate protection domain by using an OS process.

The hard part's evidently dealing with the "cross-origin" elements embedded in a web site.

Microsoft says "Gazelle's architecture cleanly separates between the act of rendering Web content and the policies of how to display the content. This cross-principal display protection is in stark contrast to commodity browsers that enable these two functions to intermingle, leading to security vulnerabilities."

See http://research.microsoft.com/apps/pubs/default.aspx?id=79655 for the white paper The Multi-Principal OS Construction of the Gazelle Web Browser.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.