Securing the Open Web Platform
One of the Web's greatest strengths is its generalityits openness to new links and unexpected uses. Openness also means that different applications and users have different security goals and threat models: a mash-up desired by one may be dangerous to another. Wendy Seltzer explores design patterns and modularity to support a platform for trustworthy application development.
| Talk Title | Securing the Open Web Platform |
| Speakers | Wendy Seltzer (W3C MIT) |
| Conference | O’Reilly Open Source Convention |
| Conf Tag | |
| Location | Austin, Texas |
| Date | May 16-19, 2016 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
One of the Web’s greatest strengths is its generality—its openness to new links and unexpected uses. Openness also means that different applications and users have different security goals and threat models: a mash-up that’s desired by one may be dangerous to another. As stewards of the Open Web Platform, W3C aims to accommodate these different needs through modular components, including work on user security and authentication, cooperative policy enforcement, and platform-level reviews. W3C’s Wendy Seltzer explores design patterns and modularity to support a platform for trustworthy application development. Wendy discusses what’s already been done, what’s in progress, and where to look next to support an environment for trustworthy application development. Wendy also talks about broader patterns. While we can’t guarantee the security of “the Web” as an application platform, we can make it easier for authors to write secure web apps and for users to distinguish those they trust. Can we take the hard-earned lessons of web security to other emerging environments, such as the burgeoning universe of connected things and cars? Can we get both security and space for innovation? Topics include:
