W3C Launches Secure Browsing Initiative."Security Context" Important Step Toward Fraud Prevention http://www.w3.org/ -- Recognizing the challenges people face when browsing the Web, W3C (World Wide Web Consortium, www.w3.org) An international industry consortium founded in 1994 by Tim Berners-Lee to develop standards for the Web. It is hosted in the U.S. by the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT (www.csail.mit.edu/index.php). today launched an initiative to build a foundation for a more secure Web. The new Web Security Context Working Group will propose standards that will enable browsers to do a much better job helping people make proper trust decisions. "When I'm browsing the Web, I want my browser to help me understand who really is the owner of a Web page," said Tim Berners-Lee, W3C Director. "There is much deployed and proven security technology, but we now need to connect it all the way through to the Web user. A Web browser The program that serves as your front end to the Web on the Internet. In order to view a site, you type its address (URL) into the browser's Location field; for example, www.computerlanguage.com, and the home page of that site is downloaded to you. acts on my behalf as I surf the Web, and I need more help from it to avoid being spoofed." The group's mission is threefold: to build consensus around what information people need from browsers in order to understand their "security context," to find innovative ways to present this information and raise awareness, and to suggest ways to make browsers less susceptible to spoofing of user interfaces that are used to convey critical security information to end users. Successful Security Workshop Culminates in Focus on Security Context W3C chartered this new work after a successful Workshop on Usability and Transparency of Web Authentication in March 2006. That Workshop paired Google, HP, IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) , KDE (K Desktop Environment) A GUI-based user interface primarily for Unix and Linux machines, but also available for Windows and Mac. The source code is freely distributed and is maintained by developers around the world. , Microsoft, Mozilla, Nokia, Opera, Sun Microsystems, VeriSign, Yahoo! and many other organizations with leaders of the online finance community to learn about real world threats. The Workshop demonstrated that there is significant interest in the areas of secure interfaces and the data required from content providers to enable those interfaces. W3C therefore anticipates strong participation by browser vendors, security experts, research institutes, financial institutions, and end users in the new group. The group will also coordinate with other organizations that have expertise in this area, including the IETF See Internet Engineering Task Force. IETF - Internet Engineering Task Force , OASIS, and Liberty Alliance. The charter of the Web Security Context Working Group is the result of public discussion and review. Per the charter, the group will continue to conduct its technical work in public and will operate under the W3C Royalty-Free Patent Policy. Mary Ellen Zurko of IBM serves as Chair of the Web Security Context Working Group. The group is part of W3C's Security Activity, led by Thomas Roessler. About the World Wide Web Consortium [W3C] The World Wide Web Consortium (W3C) is an international consortium where Member organizations, a full-time staff, and the public work together to develop Web standards. W3C primarily pursues its mission through the creation of Web standards and guidelines designed to ensure long-term growth for the Web. Over 400 organizations are Members of the Consortium. W3C is jointly run by the MIT Computer Science and Artificial Intelligence Laboratory  It has been suggested that and be merged into this article or section. (MIT MIT - Massachusetts Institute of Technology CSAIL CSAIL Computer Science & Artificial Intelligence Laboratory (MIT)CSAIL Computer Science and Artificial Intelligence Lab ) in the USA, the European Research Consortium for Informatics and Mathematics (ERCIM ERCIM - European Research Consortium on Informatics and Mathematics. An association of European research organisations promoting cooperative research on key issues in Information Technology. ) headquartered in France, Keio University in Japan, and has additional Offices worldwide. For more information see http://www.w3.org/ |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion