Sunday, June 13, 2021

Microsoft Puts ‘Web Sandbox’ into Open Source

Using a commonly-used open source license, Microsoft on Tuesday released source code for a virtualization technology it developed that is meant to make websites safer from attack. At least, that’s the hope.

The technology, named Web Sandbox, is designed to isolate the different parts of a Web page from each other via virtualization, thus enhancing security. Additionally, it will work with most browsers – not just Microsoft’s (NASDAQ: MSFT).

Web Sandbox, a project of Microsoft’s Live Labs, was released this week under the Apache License 2.0 license, although the company was careful to point out that the project is not sanctioned or sponsored by the Apache Software Foundation.

Microsoft released a community technology preview of Web Sandbox at its Professional Developers Conference (PDC) in Los Angeles in late October. However, more visible projects – for instance, Windows 7 and Windows Azure – got much more attention at the PDC. Web Sandbox was lost in the roar.

That doesn’t mean that it’s not important, however. “There’s a need for more Web standards and interoperability [driven by] the fact that things like cross-site scripting attacks are becoming more common,” Ray Valdes, vice president of Web services at Gartner, told InternetNews.com.

One issue behind the increase in vulnerability is that Web 2.0 sites are often composed of multiple components, combined into so-called ‘mashups.’

“Modern Web pages are made up of pieces that may be served from different locations —maps, visit counters, affiliate programs that run scripts on your page, gadgets built by outside developers, and more,” says a statement on the Live Labs Web Sandbox page.

With so much complexity going on behind the scenes, Live Labs developers were looking for a way to isolate processes that should not be allowed to communicate directly, if at all, with each other. The key is to virtualize each component to more tightly control what it can do to other components or what they could do to it. Thus the term ‘sandbox.’

“The Sandbox is a framework that works on most modern browsers that support … the JavaScript standard, and provides the same features in all modern web browsers. No browser add-ons or changes are required to leverage this technology,” said a blog posting on Microsoft’s Port 25 open source community site.

This article was first published on InternetNews.com. To read the full article, click here.

Similar articles

Latest Articles

Top Data Visualization Tools...

The amount of data generated and consumed by organizations is growing at an astounding rate. The total volume of data and information worldwide has...

The Data Capture Market

Data capture is the process of collecting, ingesting, or otherwise acquiring structured and unstructured data and either converting it into a data format usable...

NVIDIA and the Move...

NVIDIA recently held a Q&A with its visionary CEO Jensen Huang.   While the Q&A this week focused on NVIDIA’s announcements at Computex, his opening and...

Acquia Updates Open Digital...

BOSTON – Acquia’s Drupal-based customer experience (CX) platform is looking different to enterprise users. Acquia made updates last quarter across its three-part Open Digital Experience...