The Multi-Principal OS Construction of the Gazelle Web Browser.

In this paper, we introduce Gazelle, a secure web browser constructed as a multi-principal OS. ... to manage the protection of all system resources among web site principals. ... We also thank the following folks for their help: Barry Bond, Jeremy Condit, Rich Draves, David Driver, Jeremy Elson, Xiaofeng Fan, Manuel Fandrich, Cedric Fournet, Chris Hawblitzel, Jon Howell, Galen ...

dblp:conf/uss/WangGMKCV09 fatcat:fxiwz3a7mbfg3brvv73ocae3mi

The multi-principal OS construction of the Gazelle web browser, Proceedings of the 18th USENIX Security Symposium, Montreal, Canada, August 2009. ... The hegemony of the desktop OS is starting to fracture with the emergence of a new generation of browsers that may finally herald the long-awaited convergence of Web and OS. ... With the OP browser, researchers at the University of Illinois at Urbana-Champaign explored applying OS principles to Web browser design by breaking the browser program into smaller subsystems. ...

doi:10.1145/1610252.1610260 fatcat:3qiugduhrzd3vd5jtrgpycwt4y

We describe our implementation of a prototype of ESCUDO in the Lobo web browser, and illustrate how web applications can use ESCUDO for securing their resources. ... We argue that this disconnection between the protection needs of modern web applications and the protection models used by web browsers that manage those applications amounts to a failure of access control ... New browser architectures: The OP web browser isolates each web page instance and various browser components using OS processes [14] . ...

doi:10.1109/icdcs.2010.71 dblp:conf/icdcs/JayaramanDRC10 fatcat:7gaztmgmwjfbbicw665vd4e62u

Demand for more advanced Web applications is the driving force behind Web browser evolution. ... In this paper we present a systematization of cross-context communication systems for Web browsers. ... Acknowledgements The authors acknowledge the support of the Ministry of Science, Education, and Sports of the Republic of Croatia through the Computing Environments for Ubiquitous Distributed Systems ...

arXiv:1108.4770v1 fatcat:vvknry637raptds6jch2vrut7q

Open Access

Thus, web applications that desire robustness must use a variety of conditional code paths and ugly hacks to deal with the vagaries of their runtime. ... like the current browser runtime. ... Thus, in contrast to prior microkernel browsers, Atlantis is more accurately described as an exokernel browser [16] in which web pages supply their own "library OSes" that implement the bulk of the web ...

doi:10.1145/2043556.2043577 dblp:conf/sosp/MickensD11 fatcat:b2vc4lzp5fg7depjgsj7a4zeey

While the goal of containment is far from new, the requirement of deployability leads us to a new design point, one that applies the OS ideas of sandboxing and virtualization to the JavaScript context. ... Our approach, called TreeHouse, sandboxes JavaScript code by repurposing a feature of current browsers (namely Web Workers). ... The site includes the code that implements Tree-House, the pages used in our experiments, and demos. ...

dblp:conf/usenix/IngramW12 fatcat:i3ciyc3mwfh6pjg5qt4rllymve

Web browsers mediate access to valuable private data in domains ranging from health care to banking. ... We give a specification of our kernel, show that the implementation satisfies the specification, and finally show that the specification implies several security properties, including tab non-interference ... We would also like to thank our shepherd, Anupam Datta, and the anonymous reviewers for helping us improve our paper. ...

dblp:conf/uss/JangTL12 fatcat:nohyd6q6mrh7vkpgnlh3i6jq4i

Since their inception, the usage pattern of web browsers has changed substantially. ... Rather than sequentially navigating static web sites, modern web browsers often manage a large number of simultaneous tabs displaying dynamic web content, each of which might be running a substantial amount ... Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation. ...

doi:10.1145/1993478.1993496 dblp:conf/iwmm/WagnerGWEF11 fatcat:oxgndv5o7neppibraxai6fkto4

Popup blocking, form filling, and many other features of modern web browsers were first introduced as thirdparty extensions. New extensions continue to enrich browsers in unanticipated ways. ... We formalize the semantics of policies in terms of a safety property on the execution of extensions and develop a verification methodology that allows us to statically check extensions for policy compliance ... Acknowledgements: We thank Juan Chen, Cédric Fournet, Ben Lerner, Jean Yang, and the anonymous reviewers for both useful feedback and assistance with this work. ...

doi:10.1109/sp.2011.36 dblp:conf/sp/GuhaFLS11 fatcat:oi4li2lc4japvn4ammv7b5vrry

At the top level, we consider two principal aspects: mechanism and policy. Each aspect is broken down into salient dimensions that describe key properties. ... Security isolation is a foundation of computing systems that enables resilience to different forms of attacks. ... Any opinions, conclusions or recommendations expressed in this article are those of the authors and do not necessarily reflect the views of the funding agencies. ...

doi:10.1145/2988545 fatcat:5llqb3ghnjgghh2yye4vqslz4y

The webinos project defines and delivers an open source web application runtime compatible with a wide range of smart devices, including smartphones, tablets, PCs, in-car systems and set-top boxes. ... It provides a set of recommendations and describes the outstanding weaknesses and issues of which webinos stakeholders may need to be aware. ... /portal/wac-2.0-spec 8.146.Wang2009 Wang, Helen J. and Grier, Chris and Moshchuk, Alexander and King, Samuel T. and Choudhury, Piali and Venter, Herman The multi-principal OS construction of the ...

doi:10.5281/zenodo.1147031 fatcat:x53nqshe7jfqrnbq6urpvsj2ra

Open Access

Modern OSes such as Android, iOS, and Windows 8 have changed the way consumers interact with computing devices. ... As users direct this workflow between applications, it is dicult to predict the consequence of each step. ... Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the funding agencies. ...

doi:10.1145/2508859.2516677 dblp:conf/ccs/NadkarniE13 fatcat:pryzgt6nrvbw3bwbahs7a2c6ja

An increasing number of users perform their daily computing tasks entirely within the web browser, turning the Web into an important platform for application development. ... The Web as a platform, however, lacks the computational performance of native applications. ... Microsoft Research has presented Gazelle, the idea of the web browser as a "multi-principal OS for web site principals", in which the browser kernel manages resource protection exclusively [Wang et al ...

doi:10.18452/16451 fatcat:racqnzleubghfkj4doyzueqmqu

Open Access

of web browsers, and 2) securing inter-applicationcommunication protocols via program verifi cation. ... They can be caused by a multitude of factors, including weaknesses in browsers' security policies anddevelopers' misinterpretations of web protocols (e.g., OAuth and OpenId). ... We can simulate the state benefits of using a separate browser for an app with a single multi-process browser. ...

doi:10.1184/r1/7334297.v1 fatcat:a44vujdjozdlvjbagnt4ev6bdy

Furthermore they must start to evade predators and find food before this construction process is complete. ... Deep RL offers a rich framework for studying the interplay among learning, representation and decision-making, offering to the brain sciences a new set of research tools and a wide range of novel hypotheses ... Acknowledgements: This research is funded by the National Science Foundation (grants #1822517 and #1921515 to SJ), the National Institute of Mental Health (grant #MH117488 to SJ), the California Nano-Systems ...

doi:10.1186/s12868-020-00593-1 pmid:33342424 fatcat:edosycf35zfifm552a2aogis7a

DOAJ

The Multi-Principal OS Construction of the Gazelle Web Browser

Preserved Fulltext

Ready for a Web OS?

Preserved Fulltext

ESCUDO: A Fine-Grained Protection Model for Web Browsers

Preserved Fulltext

A Classification Framework for Web Browser Cross-Context Communication [article]

Preserved Fulltext

Atlantis

Preserved Fulltext

Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves

Preserved Fulltext

Establishing Browser Security Guarantees through Formal Shim Verification

Preserved Fulltext

Compartmental memory management in a modern web browser

Preserved Fulltext

Verified Security for Browser Extensions

Preserved Fulltext

A Study of Security Isolation Techniques

Preserved Fulltext

Webinos Project Deliverable: Phase 2 Security Framework

Preserved Fulltext

Preventing accidental data disclosure in modern operating systems

Preserved Fulltext

Effects and opportunities of native code extensions for computationally demanding web applications [article]

Preserved Fulltext

Protecting Incorrectly Implemented Web Applications From Online Adversaries

Preserved Fulltext

29th Annual Computational Neuroscience Meeting: CNS*2020

Preserved Fulltext