Talk:COMP 3000 Essay 2 2010 Question 2
Comments & Discussion
Brief description of the research problem below. (Still Needs expanding/fleshing out. can anyone help expand on why exactly shrinking the TCB will be more secure. I'm fuzzy on that)
The IBOS attempts to improve the security of web browsers. The writers argue that the large size of the trusted code bases (TCB) which modern web browsers make use of increases the possibility of a security hole. For example a hijacked window manager could be used to draw a fake phishing website overtop a web browser. The researchers solution is drastically shrinking the size of the TCB. The TCB is shrunk by turning the web browser into an operating system in itself with direct access to hardware abstractions.
Atubman 03:36, 2 December 2010 (UTC)
EDIT: I've pretty much explained the background concept behind IBOS and I kind of added the way it's executed near the end. Feel free to move that into the research section.
I can work on the background of IBOS
--Selliot3 23:03, 22 November 2010 (UTC)
It seems we only have 5/7 members. We should start splitting up the tasks and assign who gets what. So if everybody writes what section they would like to work on that would be great.
--Youcef M. 15:19, 20 November 2010 (UTC)
I'll do the contribution section. I'll be reading through the paper thoroughly today and taking notes as I go. I'll post them later on this page as a sort of cheat-sheet/reminder. --Gsmith6 17:45, 25 November 2010 (UTC)
Group Members
Leave your name and e-mail address if you are assigned to this question.
Youcef M. moussoud@gmail.com
I am alive and still in the class, selliot3@connect.carleton.ca
--Selliot3 18:12, 15 November 2010 (UTC)
Still in the class, andrewtubman84@gmail.com
I'm here. I have received an email reply from John Vanden Heuvel as well (he may not see this) gsmith0413@gmail.com --Gsmith6 22:31, 15 November 2010 (UTC)
I am here... and replied to the email
Question 2 members
Elliott Charles selliot3
Moussoud Youcef ymoussou
Pharand Alexandre apharan2
Smith Geoffrey gsmith6
Tubman Andrew atubman
Vanden Heuvel John jvheuvel
Vivekanandarajah Vijitharan vviveka2
Raw Information
The web itself is ubiquitous which a person can use for communication; banking, business, social networking and it can be useful for other purposes. There are different type of vulnerabilities web applications, browser, OS and library vulnerabilities. Insecure web browsers are monolithic, and they are easy to exploit. Secure web browser such as chrome isolate web applications and it still contain huge trusted computing base (TCB). Browser abstractions as the first-class OS, contains reduced TCB for web browser and it also have protection to withstand attacks to most components. vG
Extra Resources
http://www.cs.uiuc.edu/homes/stang6/ibos.html#slide1 I found some presentation slides by Shuo Tang, Haohui Mai and Sam King, the authors and developers of IBOS --Gsmith6 22:35, 25 November 2010 (UTC)