Seven security mechanisms, IE9 enhanced network security protection

The much-anticipated Internet Explorer 9.0 Beta (hereinafter referred to as IE9) will be released in Beijing today. The first Language Pack contains simplified Chinese, which is enough for Microsoft to pay attention to Chinese netizens. IE9's five major features in terms of speed, interface, plug-in management, address bar, and integration with Windows 7 have moved many Internet Explorer fans and Internet users. In addition to the five outstanding performances, Microsoft IE 9 uses the Smart screen filter feature of IE8 to defend against known malicious website attacks.

Maybe Internet users are not disappointed with IE9 this time. Microsoft's rival, Google, unexpectedly gave a thumbs up from its pocket and said to Microsoft, "niu ". Brian rakoski, Google's browser product manager, praised Microsoft's pause in the web browser and said: "People are very pleased with Microsoft's innovation, and I am very happy that IE9 can support fewer scales." He admitted that Microsoft IE9 had been ahead of Google in some categories, but promised that Google would add and subtract similar features out of Chrome within a month or two.

From the perspective of Microsoft's new-generation browser product IE9, Microsoft has made great efforts to improve the security performance of IE in this period of time, and the results are also worth looking forward to by netizens. At present, the performance test scores of IE9 are at the same level as those of Chrome and Firefox open-source browsers. There is still much room for improvement to surpass other browsers in terms of performance. However, the security mechanism in IE9 is also very important, thanks to Microsoft's long-term emphasis on browser security, and IE8's security performance has been highly endorsed by the industry.

The download management feature is added to IE9 released in Beijing today. When the downloaded software is some vicious software, IE9 will prompt a more serious warning. Generally, users usually ignore some warnings when downloading, but after IE9 is used, users can make more accurate decisions on whether to download, because the download management can provide multiple security checks, including virus scanning to ensure that the source of the file to be downloaded is trustworthy. If the download is dangerous, special data will be used to prompt the user. However, the security function of IE9 must be activated before it can be fully used, but it does not need to be updated by the user.

Seven security mechanisms of IE9

1. Sandbox Technology

 

The Sandbox technology and active defense technology have different principles. Active defense is to immediately intercept and terminate the operation when suspicious activities are detected in the program. Sandbox technology allows the program to continue running after suspicious behaviors are detected, and stops when the virus is detected. The practical application process of sandbox technology is to make the suspicious behavior of suspected virus files fully perform in the virtual sandbox, and the sandbox will write down every action of it; when the suspected virus fully exposes its virus properties, the sandbox will perform a rollback mechanism to erase the virus traces and actions and restore the system to a normal state. Microsoft draws on the sandbox Technology in Google Chrome to add the protection Mode (Protected Mode) in IE9 ). In protection mode, the browser's ability to handle potential attacks is greatly improved, and IE 9 also solves the problem of frequent crashes in earlier versions.

2. Intelligent Agent Management

Generally, hackers can bypass security mechanisms such as DEP (Data Execution Protection) and ASLR (address space layout randomization) to launch attacks by exploiting the defective code of some plug-ins in the process. However, in IE 9, all plug-ins are excluded from process management to reduce the possibility of being attacked by plug-ins. With the increasing number of plug-ins and increasingly powerful functions, IE9 attaches great importance to plug-in management.

3. random memory management

 

Rick Moy, president of NSS, an internationally renowned security research institution, believes that the Randomization Memory Management Technology in IE 9 forces hackers to perform very complex operations to determine specific attack targets.

4. Redirection restrictions

When a user accesses an illegal website, it is hijacked to other websites containing malicious code. In this case, the redirection restriction function in IE9 can play its role.

5. Content Security Policy

According to the requirements of the Content Security Policy, Microsoft is obligated to provide users with protection measures against cross-site scripting and Click-Jacking attacks. Another company, Mozilla, has begun deploying this mechanism.

6. Plug-in registration mechanism

IE9 hopes to help users distinguish between plug-ins based on certain mechanisms, so that users can use plug-ins more securely.

7. Secure APIs

By providing secure APIs, direct memory usage is reduced, which greatly reduces the possibility of attacks.

James Pratt, director of Microsoft IE, and Ryan Gavin, senior director of Windows Live project management, once said Microsoft has always paid attention to the development of IE browser security functions.

Garvin pointed out that the current network users are more concerned about identity theft and privacy protection in their computers. People may have different attitudes towards private information sharing, but they have always been opposed to identity theft. Microsoft's operating system and browser can ensure Client Security.

As network applications continue to diversify, the development of online banking, e-commerce, and Web applications will inevitably pose new challenges to browser security. The release of Microsoft IE9 not only sets a direction for the browser industry, provides users with fast and secure Internet access windows.