# Summary: Protection and Communication Abstractions for Web Browsers in MashupOS by: Blain Smith MashupOS's goal of protection is to prevent one principal from compromising the confidentiality and integrity of other principals, while communication allows them to interact in a controlled manner by way of abstractions and communication. They identify four types of content that require support from the Web and browsers: 1. isolated content that is intended to be completely isolated from other sites (domains), 2. access-controlled content that is isolated but allows message passing across domains to give mediated access to the content, 3. open content that allows any domain to access and integrate as the domain’s own content, and 4. unauthorized content that assumes no privileges of any domain. Existing browser abstractions support only isolated content with the `<frame>` abstraction and open content with the `<script>` abstraction, resulting in an all-or-nothing trust model. ## Design abstractions 1. Match all common trust levels 2. Strike a balance between ease-of-use and security 3. Easy adoption and no unintended behaviors ## Introduces new HTML tags MashupOS introduces variaous new HTML tags for developers to use when building websites in order to secure their web content. While this may seem a step in the right direction it would require mass adoption for web developers to learn, implement, and upgrade their web sites. A few of the tags mentioned were `<Sandbox>`, `<OpenSandbox>`, `<ServiceInstance>`, and `<Friv>` all of which act similar to the current standard `<iframe>`, but with additional security policies attached to their uses. Along with these tags come supported APIs in their JavaScript interpreter to support communications between these elements in a secure fashion. ## Perfomance Costs MashupOS takes a big performance hit when performing some very basic web rendering and computation tasks. Most of the web these days is DOM manipulation with Vue, React, etc so the 31% and 59% overhead is unsustainable.