Access your Pro+ Content below.
Is New Google Chromium OS a Security Game-Changer?
This article is part of the December 2009 issue of Information Security magazine
Google's new cloud-based Chromium operating system, slated to debut in the second half of 2010, may not immediately change the way attacks are carried out, but if the OS is successful in gaining broad adoption, it could have a far-reaching impact in the way security is deployed, says a group of Web security experts. Google announced in July that its engineers have been busy designing a lightweight operating system, built using the architecture of its Chrome browser on a modified Linux kernel. In a November press briefing, Google engineers praised the OS's ability to isolate processes, sandboxing them in a way that could make it more difficult for attackers to run malware undetected on a victim's machine. Chromium also uses encryption for any cached user data stored locally, but is also heavily cloud-based, with virtually all data and applications stored and running on Google servers. While Google engineers are using a number of new techniques to harden the OS from external attacks, cybercriminals have consistently shown they are...
Access this Pro+ Content for Free!
Features in this issue
Google says Chromium's process isolation and sandbox security features harden the OS from attack.
Use this checklist to ensure you're following the basics for securing database systems.
Enterprises need to make sure a SaaS provider has the proper security controls to protect sensitive data before a contract is signed
Forget structure-driven policy architecture; we'll show you how to build information security policy artifacts using a taxonomy approach that will help you build global policies in a snap.
Columns in this issue
The HITECH Act, part of the economic stimulus bill, is intended to foster electronic medical records systems adoption, but will also introduce security and privacy risks to patient medical and billing data.
Six months since President Obama announced he would appoint a cybersecurity coordinator, the position sits vacant. Do you care?