Microsoft Research has published a new article that explains in more layperson-like terms exactly what its "Gazelle" Web browser is and why the company's researchers believe it's needed.
Microsoft is slated to present a paper on Gazelle at the Usenix Security Symposium in August. At that event, the Gazelle team will describe "the design and construction of a browser that is actually a multi-principal operating system." (A copy of Microsoft's Gazelle Usenix paper is available now.)
I've had Gazelle (the project which started life as "MashupOS") explained to me a couple of times, but I never quite understood it. The new Microsoft-authored article, however, actually helped me understand more about where Microsoft is going with this project.
It's worth reiterating that Microsoft hasn't said when, how or if it plans to commercialize Gazelle. It's not accurate to call Gazelle the next version of Internet Explorer (or replacement for IE) or a future iteration of Windows. For now, it's a Microsoft Research project only. (But most Microsoft Research projects do end up ultimately becoming commercialized in some way, often times years after they first debut.)
Microsoft researchers describe Gazelle's design as that of a "multi-principal OS." What does that mean, exactly? From the new Microsoft Research article:
"In browser parlance, a principal generally equates to a Web site. Given that there is usually just one user at a time on a PC, the sharing of resources is actually across applications from different origins; in the case of Web pages, each page could consist of content from different principals, each staking out a share of computing resources. The browser is therefore the natural choice of application platform for managing principals and resource requests."
Up until the past few years, it's been assumed that applications require operating systems to run. But Web apps don't have this limitation. And because they don't, Web apps often can be less secure. Current-day browsers also don't handle resource management for devices, the new article said.
These are the driving forces behind the way Microsoft Research is architecting Gazelle's "browser kernel." The kernel -- a layer that sits between underlying operating systems and the principals -- will protect principals from one another and from the host machine, according to the article.
The Gazelle team decided "the time has come to apply decades-old operating-system experience to the browser-design space.," the article said. "Gazelle essentially leverages the existing mechanisms of operating systems and tailors them to the needs of Web applications."
If you're interested in where the Softies are going in security, browser design and OS design, the Gazelle article is worth a read....