Late last week, Microsoft Research released an interesting paper [PDF] about a Web browser it calls Gazelle that’s constructed in such a way to act like an operating system with the browser kernel exclusively protecting resources and sharing across Web sites.
The idea behind Gazelle is to create a browser that is more secure for the now typical dynamic pages we find on the Web. According to Microsoft, Gazelle is different as no existing browsers, including new architectures, have a multi-principal operating system constructed in such a way that provides the browser-based OS exclusive control to manage the protection of all system resources.
“Gazelle’s security model is centered around protecting principals from one another by separating their respective resources into hardware-isolated protection domains. Any sharing between two different principals must be explicit using cross-principal communication (or IPC) mediated by Browser Kernel.”
The research team claims it has successfully browsed 19 of the 20 most popular sites as reported by Alexa with its prototype, but admits the performance of the prototype was only “acceptable.” The paper also includes an in-depth comparison of Gazelle’s architecture and security with Google Chrome, OP and IE8.
But before you go and read it, make sure you realize that it was written by the research team and in no way states it will be developed by the IE team; there is however a glimmer of hope for those who think it would be a good idea, and it can be found in the conclusion when the team points out that ‘the implementation and evaluation of our IE-based prototype shows promise of a practical multiprincipal OS-based browser in the real world.”
Still, it’s an interesting read for those who are interested in the technology.