Monday, June 14, 2021

W3C to Workshop Web Security

Dissatisfied with the way the current security methods that protect people using the Internet, the World Wide Web Consortium (W3C) will conduct a two-day workshop to discuss better options.

The W3C is calling for position papers on Web authentication, the process of verifying that a Web user is really who he or she claims to be, from Web security experts, software developers, browser manufacturers, and even their customers.

The papers will be presented at a workshop, scheduled to hit New York City March 15 and 16, which is expected to focus on ways browser vendors and e-commerce service providers can work together to improve security.

The W3C argued that the Web must be a safer place where users can do anything from basic browsing to complex transactions.

“Gaps in practical security on the Web make all users easy targets for fraud. Despite broad availability of security technologies, the Web community (browser developers, Web site operators, users) lack agreement on how to help avoid the most basic types of fraud,” the W3C said.

Standards bodies have specifications and standards to keep Web users from conducting fraudulent Web services transactions.

For example, the Liberty Alliance and OASIS have created federation protocols to allow companies to safely conduct business over the Web.

But no one has really addressed the Web’s security foundation, which is where vulnerabilities start, W3C spokesperson Janet Daly said. Web security today depends on Transport Layer Security (TLS), an IETF protocol that is wrapped around HTTP (define) transactions to authenticate endpoints and ensure private communications.

Current perpetrators get around the technically solid TLS security layer because the protocol implementations don’t let users know what kind of security is in place, and with whom they are communicating.

So attackers can bypass these security mechanisms without users noticing.

This article was first published on InternetNews.com. To read the full article, click here.

Similar articles

Latest Articles

Top Data Visualization Tools...

The amount of data generated and consumed by organizations is growing at an astounding rate. The total volume of data and information worldwide has...

The Data Capture Market

Data capture is the process of collecting, ingesting, or otherwise acquiring structured and unstructured data and either converting it into a data format usable...

NVIDIA and the Move...

NVIDIA recently held a Q&A with its visionary CEO Jensen Huang.   While the Q&A this week focused on NVIDIA’s announcements at Computex, his opening and...

Acquia Updates Open Digital...

BOSTON – Acquia’s Drupal-based customer experience (CX) platform is looking different to enterprise users. Acquia made updates last quarter across its three-part Open Digital Experience...