To interpret active content, web browsers often rely on helper applications,
which become security-critical since they operate on untrusted data.
These applications, which are often buggy [11],
execute with the user's privileges
and can therefore compromise the security of the system.
Furthermore, the browsers also interpret code like JavaScript and VBScript
[6], making the browser itself vulnerable.
In this paper we present the architecture of a secure web browser. Our
system is designed to address the problems that plague the popular Web
browsers by using support offered by the operating system. We built our
prototype on SubOS [12]. SubOS is
an operating system that offers process-specific protection
mechanisms, which we will explain in Section .
The paper is organized as follows. In Section we discuss
the motivation behind this work. In Section we give a brief
background description of a SubOS-capable operating system. In Section
we present the architecture of our system. In Section we discuss
related work, and finally we conclude in Section .