COMP 3000 Essay 2 2010 Question 2: Difference between revisions
Line 29: | Line 29: | ||
=References= | =References= | ||
You will almost certainly have to refer to other resources; please cite these resources in the style of citation of the papers assigned (inlined numbered references). Place your bibliographic entries in this section. | You will almost certainly have to refer to other resources; please cite these resources in the style of citation of the papers assigned (inlined numbered references). Place your bibliographic entries in this section. | ||
Trust and Protection in the Illinois Browser Operating System. http://www.cs.uiuc.edu/homes/stang6/ibos.html#slide1 |
Revision as of 03:18, 2 December 2010
Paper
Trust and Protection in the Illinois Browser Operating System
http://www.usenix.org/events/osdi10/tech/full_papers/Tang.pdf
Shuo Tang, Haohui Mai, Samuel T. King
University of Illinois at Urbana-Champaig
Background Concepts
The Illinois Browser Operating System (IBOS) is not just a new browser to improve security, it is also a full operating system. It’s main goal is to expose browser-level abstractions at the lowest possible software layer, reducing the trusted computing base for web browsers. Many websites and web applications have become major targets for attackers and hackers. Just recently, cross-site scripting has become the most common security vulnerability over the age old buffer overflow.
Plenty of research has gone in to improving security among the various web browsers on the market today but all browsers still remain susceptible to attacks on the lower layers. Compromised Ethernet drivers can send sensitive HTTP packets to third parties, compromised storage modules can send persistent data to unwanted viewers and compromised window managers can overlay fake interfaces common in phishing attacks. Common web browsers run on top of commodity operating systems with shared system services and user-mode libraries, increasing the trusted code base. IBOS looks to solve this issue by exposing browser-level abstractions rather than just general-purpose abstractions. Important concepts such as cookies, HTTP connections and tabs for displaying pages are all brought into the browser abstraction layer.
Research problem
What is the research problem being addressed by the paper? How does this problem relate to past related work?
Contribution
What are the research contribution(s) of this work? Specifically, what are the key research results, and what do they mean? (What was implemented? Why is it any better than what came before?)
Critique
This paper was very well organized and executed. It naturally flows and keeps order in what it is trying to explain without the need to flip back and reference another piece of content in the paper. Starting with the core mechanics of why it is needed to how the kernel is organized and working its way up to many high-level pieces of information it felt like a natural progression of ideas, giving you the information you need to understand upcoming concepts.
!! Don't forget to erase this !! What is good and not-so-good about this paper? You may discuss both the style and content; be sure to ground your discussion with specific references. Simple assertions that something is good or bad is not enough - you must explain why.
References
You will almost certainly have to refer to other resources; please cite these resources in the style of citation of the papers assigned (inlined numbered references). Place your bibliographic entries in this section.
Trust and Protection in the Illinois Browser Operating System. http://www.cs.uiuc.edu/homes/stang6/ibos.html#slide1