Microsoft researchers have developed the prototype of a client-side architecture that would replace the Web browser with a much more secure virtualized environment that isolates Web applications.
Called Embassies, the technology would have applications run in low-level, native-code containers that would use Internet addresses for all external communications with applications. The architecture is based on the notion of a "pico-datacenter," a client-side version of a shared server datacenter.
"Since the datacenter model is designed to be robust to malicious tenants, it is never dangerous for the user to click a link and invite a possibly hostile party onto the client," Microsoft researchers said in a paper presented this month at the USENIX Symposium on Networked System Design and Implementation.
The problem Microsoft is trying to solve is the insecurity of today's browsers, brought on by their complexity. In the 1990s, when browsers were introduced, the software was mostly responsible for formatting Web pages that were text, links and simple graphics.
Today's browsers have many more application programming interfaces (APIs) that are used for far more complicated tasks, such as video, animation and 3D graphics. This high level of complexity has brought a never-ending string of vulnerabilities that hackers can exploit.
"I think [Embassies is] an interesting idea and shows enough promise to be worth additional investigation and investment," Jason Taylor, chief technology officer of Security Innovation, said on Friday. "The premise of strong isolation for each Web application versus isolation for the browser itself is intriguing."
Embassies is Microsoft's attempt to present a simpler alternative to the browser. The architecture would provide a simple execution environment that would use only 30 functions to interact with the client's execution interface (CEI). Displaying content would essentially be a screencast from the container to the user's screen.
The simplicity of the environment would require developers to do more than they do now in building applications for a browser, which provides lots of libraries through the APIs. With Embassies, developers would be responsible for packaging their own libraries with their applications, a difficult process that in effect would hand security responsibilities to the developer. If malicious code gets in, the container would theoretically prevent it from infecting the computer.
That approach has its skeptics. "The problem with the idea is that developers of web applications are often terrible at security and the idea that you are going to make them the ones responsible for the security instead of the web browser developer just seems like out of the frying pan and into the fire," said Peter Bybee, president and chief executive of Security On-Demand. "I think this is more about wishful thinking and less on realistic change."