You are here: silicon.com > Resources > White Papers > Software and Web Development > Internet and Web > Web Browsers

Web Browsers White Papers

The Security Architecture of the Chromium Browser

Tags:
web browsers

Overview Most current web browsers employ a monolithic architecture that combines "The User" and "The Web" into a single protection domain. An attacker who exploits arbitrary code execution vulnerability in such a browser can steal sensitive les or install malware. This paper presents the security architecture of Chromium, the open-source browser upon which Google Chrome is built. Chromium has two modules in separate protection domains: a browser kernel, which interacts with the operating system, and a rendering engine, which runs with restricted privileges in a sandbox. This architecture helps mitigate high-severity attacks with-out sacrificing compatibility with existing web sites. It defines a threat model for browser exploits and evaluates how the architecture would have mitigated past vulnerabilities.

Further White Paper Details
Publisher	University of Washington	File Format	PDF
Date Published	April 2009
Format	White Papers
Topics	Web Browsers, Network Security, Security Management

Did you find this white paper useful?

MSDN Webcast: Internet Explorer 8 for Developers (Level 200)

Windows Internet Explorer 8 ushers in a new wave of browser innovation from Microsoft, including Web Slices and Accelerators, while maintaining compatibility with the today's Web standards. The presenter of...

Publisher:
Microsoft

Tags:
web browsers

MSDN Webcast: Designing Creative DHTML, Silverlight UIs: Simple, Visualized & Intuitive (Level 300)

The presenter of this webcast shows off the new point and click Visual WebGui Control & Theme Designer. This designer joins the well known drag and drop Visual WebGui Form...

Publisher:
Microsoft

MSDN Webcast: Silverlight Controls Framework (Level 100)

The presenter of this webcast provides an overview of the Microsoft Silverlight controls and controls model. The presenter shows how to use Silverlight controls and how to make minor visual...

Publisher:
Microsoft

Tags:
web browsers

The Security Architecture of the Chromium Browser

Most current web browsers employ a monolithic architecture that combines "The User" and "The Web" into a single protection domain. An attacker who exploits arbitrary code execution vulnerability in such...

Publisher:
University of Washington

Tags:
web browsers

Leading TV and Online Sports Broadcaster Raises the Bar With Microsoft Silverlight

Founded in 1992 and based in London, Setanta Sports is a leading Internet and pay-TV sports broadcaster, operating channels in the U.K., Ireland, North America, and Australia. Setanta wanted to...

Publisher:
Microsoft

Tags:
web browsers

"Highly critical" Mac OS X kernel hole unearthed

The proof-of-concept code exploits a security hole in the way Apple's operating system handles disk image files, the researcher wrote on a blog devoted to a 'Month of Kernel Bugs' campaign which promises to reveal details of a new flaw in low...

Web 2.0 threat looms

Existing vulnerabilities in browsers and Java can allow hackers to compromise users' machines through malware and access confidential information. XSS is one of the top 10 web application vulnerabilities identified by the Open Web Application...

Microsoft: Trojan threat is rising

Vulnerabilities are decreasing but becoming easier to exploit; Trojans are the biggest threat; and Chinese computers are infected with more browser-based exploits than anywhere else. For instance, China has a high level of browser-based exploits...

Channel:
Malware
Tags:
malware,
china,
trojan,
microsoft

Microsoft: IE at risk from security hole

Microsoft has seen several hundred detections of exploits from around the globe, though the sites taking advantage of the vulnerability appear to be hosted on Chinese domains, Microsoft said in a Microsoft Malware Protection Center blog.

Is Chrome ready to shine when it comes to security?

Chrome does a great job of protecting against exploits of vulnerabilities in which attackers sneak code through a hole in the browser to install malware or run code on the computer, experts said. However, any comparisons to the number of exploits...

Apple's Mac OS 'lagging behind Vista on security'

The Snow Leopard website says it will offer protection against some common types of heap buffer overflow exploits but not new types of such memory overflow exploits, according to Dai Zovi. He offered up a wishlist for Snow Leopard that included...

Featured White Papers

Harnessing the Power of Location Intelligence in the Public Sector

Throughout the world, public services today are under pressure. The current economic climate, where taxreceipts are naturally suppressed, provides very seriousfunding challenges. Moreover, in good times and bad, increasing regulation at the regional and national level is imposing additional duties and responsibilities on the public services without additional resources to carry them out. Store closures are changing the urban landscape. Demographic and/or economic change isincreasing demand for health and social services.Demand for decreased crime rates is focusing minds in law enforcement. And the threat of internationalterrorism is forcing greater contingency duties on the emergency services. The net result is a need to do more with lessquite a challenge.

Publisher:
Pitney Bowes

Buyers' Guide - How to ease the shift to mobile working

With momentum building behind mobile working, are higher costs inevitable when moving staff to laptops? Not necessarily. In fact it's possible to emerge with lower management overheads - and tighter security. Read on to find out more.

Publisher:
Intel

IBM Virtualization Services

Virtualization is a powerful technology and can have profound effects on the datacenter; however, it should be viewed as a component of an overall IT strategy that will be able to support the enterprise's needs. IDC recommends that enterprises look at theentire architecture and determine how to best deploy virtualization