Paper

Trust and Protection in the Illinois Browser Operating System

http://www.usenix.org/events/osdi10/tech/full_papers/Tang.pdf

Shuo Tang, Haohui Mai, Samuel T. King

University of Illinois at Urbana-Champaig

Background Concepts

The Illinois Browser Operating System is not just a new browser to improve security, it is also a full operating system. It’s main goal is to expose browser-level abstractions at the lowest possible software layer, reducing the trusted computing base for web browsers. Many websites and web applications have become major targets for attackers and hackers. Just recently, cross-site scripting has become the most common security vulnerability over the age old buffer overflow.

Plenty of research has gone in to improving security among the various web browsers on the market today but all browsers still remain susceptible to attacks on the lower layers. Compromised Ethernet drivers can send sensitive HTTP packets to third parties, compromised storage modules can send persistent data to unwanted viewers and compromised window managers can overlay fake interfaces common in phishing attacks.

Research problem

What is the research problem being addressed by the paper? How does this problem relate to past related work?

Contribution

What are the research contribution(s) of this work? Specifically, what are the key research results, and what do they mean? (What was implemented? Why is it any better than what came before?)

Critique

What is good and not-so-good about this paper? You may discuss both the style and content; be sure to ground your discussion with specific references. Simple assertions that something is good or bad is not enough - you must explain why.

References

You will almost certainly have to refer to other resources; please cite these resources in the style of citation of the papers assigned (inlined numbered references). Place your bibliographic entries in this section.