Microsoft Research, in conjunction with researchers at several prominent technology-oriented universities, has published a thesis on what a new secure Web browser should look like. The paper addresses a number of security issues that have dogged browsers from day one, and gives hints at a possible future direction for Internet Explorer.

The Gazelle Web browser, as it's codenamed, is a "secure web browser constructed as a multi-principal OS," according to the report. It's the outcome of a project under development at Microsoft Research called "MashupOS," which Microsoft has discussed publicly.

In that paper, Microsoft researchers noted that the evolution of the browser "has led to an inadequate security model that forces Web applications to choose between security and interoperation." MashupOS is "a set of abstractions that isolate mutually-untrusting web services within the browser, while allowing safe forms of communication."

The problem, as Microsoft outlined, is that in a Web 2.0 world, you have to choose between convenience or security. The convenience of running mashups has to be countered against the security question of visiting one trusted Web site that may be pulling in applications and services from multiple unknown, untrusted Web sites.

The aim of MashupOS is to provide cross-domain protection that prevents code in one domain from compromising the integrity of other domains, controlling the communication lines between domains, and making minimal changes to the existing Web API to maintain backwards compatibility.

The authors noted that no existing browsers have a multi-principal operating system construction that gives the browser exclusive control to manage the protection of all system resources. In other words, browsers use the operating system's kernel.

This article was first published on