This article is more than 1 year old

Microsoft boffins devise 'secure' Gazelle browser

Better than IE and Chrome

Microsoft has developed a browser whose security it says beats many of today's generation of browsers, including Internet Explorer and Google's Chrome.

But there's catch or two: It's slower and uses more resources than IE 7, and you can't get your hands on it.

Microsoft Research has devised a prototype of IE running on Windows Vista where the browser acts like a self-contained operating system. The browser uses a kernel Microsoft Research calls Gazelle, and it's architecture is outlined in a recently published white paper available here (warning: PDF).

Gazelle was built to expose the challenges involved in constructing a secure browser, such as the ability to work with legacy code like DOM and JavaScript, cross-origin script source and cross-process display.

Gazelle is designed to address the fact that browsers like IE and Chrome have not been built by design to handle multiple processes or work securely across different domains. This slows their performance and exposes the browser and client to malicious code.

"Our prototype implementation and evaluation experience indicates that it is realistic to turn an existing browser into a multi-principal OS that yields significantly stronger security and robustness with acceptable performance and backward compatibility," Microsoft Research said.

The browser and Gazelle are unlikely to see the light of day as this was a Microsoft Research effort designed as a "what if" scenario. Also, the isolation process and need to funnel principal calls centrally seemed to slow things down and increase the memory demanded.

Gazelle was slower and required more memory than IE 7 on new tabs for a blank page and Google.com, navigating from Google.com to Google.com/ads and navigating to the NYtimes.com with a cross-origin frame. Gazelle only beat IE 7 on start-up.

Still, at least we know what's possible. ®

More about

TIP US OFF

Send us news


Other stories you might like