Finally, Somebody “Gets” Secure Web Browsing and Does It The Right Way

["Ali, Saqib" <docbook.xml () gmail com>]

From:
 
http://www.cerias.purdue.edu/weblogs/pmeunier/reviews/post-148/finally-somebody-gets-secure-web-browsing-and-does-it-the-right-way/

Quoting:
Someone not only thought of a proper security architecture for web
browsers but did it (see "Secure web browsing with the OP web browser"
by Chris Grier, Shuo Tang, and Samuel T. King). There's a browser
kernel, and everything else is well compartmentalized and isolated.
Similarly to the best operating system architectures for security, the
kernel is very small (1221 lines of code), has limited functionality,
and doesn't run plug-ins inside kernel space (I'd love to have no
drivers in my OS kernel as well…). It's not clear if it's a minimal or
"true" micro-kernel — the authors steer clear of that discussion. Even
malicious hosted ads (e.g., Yahoo! has had repeated experiences with
this) are quarantined with a "provider domain policy". This is an
interesting read, and very encouraging.

1. http://www.engr.uiuc.edu/news/?xId=074108160700
2. 
http://www.cerias.purdue.edu/weblogs/pmeunier/reviews/post-148/finally-somebody-gets-secure-web-browsing-and-does-it-the-right-way/


saqib
http://doctrina.wordpress.com/