[BASICS: Software security for developers]
Wolfgang Kandek, chief technology officer of Qualys, said the added responsibilities would likely overwhelm most developers, but he believed that the process of packaging libraries could eventually be automated within development tools.
"It is an architecture that will require lots of changes on the client side and on the developer side, which is probably why this is not something that will happen overnight," Kandek said.
Indeed, the authors of the paper, Microsoft researchers Jon Howell, Bryan Parno and John R. Douceur, acknowledged that Embassies would require dramatic changes in application development and adoption of the architecture would take years.
While Microsoft described the architecture as a browser replacement, the company also believed it could become a more secure alternative to desktop operating system apps. Shlomo Kramer, president and chief executive of Imperva, said Embassies was "promising in theory," but believed it would not scale to that level.
"The main reason is that it makes collaboration, workflows, sharing of data and transacting across virtual machines very cumbersome," Kramer said.
Matthew Neely, director of research at SecureState, said rather than replace today's browsers, security could be dramatically improved just by developers treating it as an integral part of the development process.
"A lot of people like to focus on new technology to fix something when really if you just apply the basics to what we have already, you can usually get more impact," Neely said.
Sign up for CIO Asia eNewsletters.