What is Site Isolation in Web Brower's? How it Works.

  

What is Site Isolation in Web Brower's?

Site Isolation is a security feature that offers additional protection against some types of security bugs.  It makes it harder for untrustworthy websites to access or steal information from your accounts on other websites.

 


Websites typically cannot access each other's data inside the browser, thanks to code that enforces the Same Origin Policy.  Occasionally, security bugs are found in this code and malicious websites may try to bypass these rules to attack other websites. 

 

Site Isolation offers a second line of defence to make such attacks less likely to succeed.  It ensures that pages from different websites are always put into different processes, each running in a sandbox that limits what the process is allowed to do.  It also makes it possible to block the process from receiving certain types of sensitive data from other sites.  As a result, a malicious website will find it much more difficult to steal data from other sites, even if it can break some of the rules in its own process.

 

How Site Isolation works

The new Site Isolation security architecture acts as an additional security boundary between sites, and it works by completely separating users' web content, loading all sites in separate processes.

Thus, it prevents malicious websites from accessing private data (including passwords, credit card numbers, or other sensitive info) loaded from other sites.

For instance, with this new feature enabled, Browser's can protect users from attackers exploiting Meltdown and Spectre vulnerabilities that allow them to harvest sensitive data by reading memory content anywhere within a process's address space.

"Isolating each site into a separate operating system process makes it even harder for malicious sites to read another site’s secret or private data."



Besides obvious security advantages, Site Isolation also comes with performance Benefits:

  • By placing more pages into separate processes, we can ensure that doing heavy computation or garbage collection on one page will not degrade the responsiveness of pages in other processes.
  • Using more processes to load websites allows us to spread work across many CPU cores and use the underlying hardware more efficiently.
  • Due to the finer-grained separation of sites, a subframe or a tab crashing will not affect websites loaded in different processes, resulting in improved application stability and better user experience.

 

 

 

Location: Mumbai, Maharashtra, India

Comments

Post a Comment

Popular posts from this blog

What Is System Attacks ? Types OF System Based Attacks

Image
System Based Attack It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. Type OF System Based Attacks -  1. Virus It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system. Type OF Virus RESIDENT VIRUS :   Resident viruses set up shop in your RAM and meddle with your system operations. They’re so sneaky that they can even attach themselves to your anti-virus software files. MULTIPARTITE VIRUS : This virus infects the entire system. Multipartite viruses spread by performing unauthorized actions on your operating system, fol
Read more

What is a Firewall?

Image
 In the game of network security, you are either secure or you are not; there exists no middle ground. If a computer is connected to the Internet connection, it is vulnerable to online attacks. The only difference is some computers could be more susceptible than others. Look at this global cyber-security statistics to get a clear picture – a Veronis report highlights that cyber-criminal attack the internet every 39 seconds and 2,244 times daily on average. Data breaches had already exposed about 4.1 billion data in 2019. All kinds of businesses, no matter what their sizes are have become a target, especially small-scale businesses. It impacts their reputation, costs them in millions, and compromises their customer data. This information is enough to understand that a barrier must be there to protect users from threats coming online. What is a Firewall?   In the computing language, a firewall is a security software or hardware that can monitor and control network traffic, both incoming
Read more