The blog of Chromium (the open-source project behind the Google Chrome browser) had an introduction to its security architecture.

Chromium Blog: Security Architecture

Most current web browsers employ a monolithic architecture that combines "the user" and "the web" into a single protection domain. An attacker who exploits an arbitrary code execution vulnerability in such a browser can steal sensitive files or install malware. In this paper, we present the security architecture of Chromium, the open-source browser upon which Google Chrome is built. Chromium has two modules in separate protection domains: a browser kernel, which interacts with the operating system, and a rendering engine, which runs with restricted privileges in a sandbox. This architecture helps mitigate high-severity attacks without sacrificing compatibility with existing web sites. We define a threat model for browser exploits and evaluate how the architecture would have mitigated past vulnerabilities.
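This paper presents the security architecture of the Chromium browser. Chromium has two modules that are isolated in separate protection domains. The browser kernel module handles interaction with the OS; the other is the rendering engine, which runs inside a sandbox with restricted access privileges.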

(Added 2008/9/12) Chromium : For Developers > Design Documents > Process Models has been translated into Japanese

Process Models - The Chromium Projects has been translated into Japanese by ku. Many thanks.