Improving Chrome's Security Architecture

Improving Chrome's Security Architecture

Speaker: Charlie Reis

Charlie Reis is the Tech Lead for the Chrome Security Architecture team within Chrome Security. He has worked on Chrome's process model and navigation logic since 2008, and he led the design and implementation of Site Isolation in Chrome. Prior to joining Google, he completed his PhD in web browser architecture at the University of Washington in 2009.

Abstract

Web browsers face a challenging security landscape, where complex legacy codebases are expected to safely run untrustworthy code. This talk will outline some of our recent efforts to improve Chrome's security architecture to make the browser safer for users. Using Site Isolation as an example, I will highlight the benefits and challenges of adopting research architecture ideas in production, the importance of aligning a system's security architecture with underlying OS-provided abstractions, and the role of evolving the platform itself to respect challenges in the system's architecture.