Tuesday, November 14, 2006

Web Security is still primitive

The current focus in web security is on fixing existing issues with viruses, phishing etc. This is the main barrier to trust on the internet today - and without trust, internet communities, like any other, will die.

But even if we stopped nearly all of these attacks, security on the web would still be primitive. That's because most web architects interpret 'security' too narrowly.

For example, why do I have different usernames and passwords on different websites and on my PC? This makes it tricky for me to remember which one to type in, causing security issues like account locking and writing passwords down. And can a single login be done in a secure enough way that my bank will accept this single password, but that I can choose to remain anonymous on other sites?

And shouldn't I maintain a basic profile that all websites can look up (given my permission), so they all know my latest credit card number or address? And shouldn't there be a central repository where I can find out who knows my details, for example what my phone number is, and where I can accept / deny requests for access to this information?

And how do we solve the 'forgetting problem', where I tell someone a secret and have confidence that immediately after, they forget it? For example, when I use a website to purchase a gift, I don't want them to keep my bank account details, they should be permanently deleted after use. How can I be sure they've actually deleted it?

And how can I use hosted applications, like Salesforce or Google Spreadsheets, while maintaining privacy of my data? Could I store the data locally, but use the application remotely? Or is there a way for me to manage exactly who has access to this data, even though it's hosted remotely?

And should I be able to demand access to all data stored about me by any organization?

Some answers to these questions have already been attempted. Microsoft Passport was supposed to be a security model that all websites could sign up to, but it dissolved. We've recently made some progress in understanding federated security (see the Liberty Alliance), although there is a distinct lack of real implementations.

These questions will become increasingly important as the web matures; data privacy and federated accounts will become a huge part of online security. But we're years from being able to address them. Web Security is primitive at best.
