Researchers Secure the Browser
eWeek (03/24/08) Vol. 25, No. 10, P. 16; Naraine, Ryan
Researchers at the University of Illinois at Urbana-Champaign are constructing Opus Palladianum (OP), a new Web browser designed to prevent hacker attacks by partitioning the browser into smaller subsystems and using simple and explicit communication between subsystems. "[The Web] has become a platform for hosting all kinds of important data and businesses, but unfortunately, [existing] browsers haven't evolved to deal with this change and that's why we have a big malware problem," says University of Illinois professor Samuel King, who conceived of OP. King says three unique security features will be employed to demonstrate the browser architecture design's utility. Those components include flexible security policies that accommodate the use of external plug-ins without making third-party developers responsible for security; formal techniques to show that the address bar displayed within the browser user interface always displays the proper address for the current Web page; and a browser-level information-flow tracking system that allows browser-based attacks to be dissected postmortem. OP is currently comprised of five main subsystems--the Web page subsystem, a network component, a storage component, a user-interface component, and a browser kernel--which all run within separate OS-level processes, King says. Communication between each subsystem and between processes, and interactions with the underlying operating system, are handled by the browser kernel. "The browser kernel implements message passing using OS-level pipes, and it maintains a mapping between subsystems and pipes," King says. He says the long-term goal is to devise a cross-platform Webkit version that will be distributed to the open-source community.
Click Here to View Full Article
No comments:
Post a Comment