Enabling On-line Commerce

Security, Trust, and Negotiation

Dr. James S. Miller
Domain Leader, Technology and Society
World Wide Web Consortium
MIT Lab for Computer Science

The World Wide Web Consortium

http://www.w3.org

"To realize the full potential of the Web"
Three hosts: MIT, INRIA, Keio University
200+ member organizations
Working groups, Interest groups, Projects
Submissions
Notes, Working Drafts, Recommendations
Sample code

Commerce on the Web

Commerce is based on trust
...and negotiation
...and a legal framework

Trust, not just Security

Do you trust your bank?
Do you know where your money is?
Do you really care?

Elements of Trust

What is said
Who says it
Rules for deciding

Technical Agenda

Metadata
Digital Signatures
Trust Management
Negotiation

Metadata

PICS and RDF (formerly PICS-NG)

Syntax of metadata (statements)
Syntax(es) of metadata schemas
Finding and Transmitting metadata
Processing rules

Resource Description Framework (RDF)

Attribute / value pairs
Values can be
1. Numbers
2. Numbers that appear as names
3. Sorted or unsorted
4. Booleans
5. Strings
6. Structured groupings
Syntax is sufficient for many uses
Schemas specify semantics that enable additional uses
Schemas for building user interfaces, includes internationalisation

Transmitting metadata

Labels connected to objects via any of

Embedding label in object
Transmitting label with object
Requesting label from trusted source
Embedding object in label
Label applies to all entries in a container
Object specifies location of label

Sample PICS Label

Based on older PICS-NG format

Note: RDF is XML-based (not S-Expression)

(pics-2.0
  (label *schema "http://www.w3.org/ActiveCodeCapabilities"
         *for "http://www.mycompany.com/ClasLib/Widget.class"
         f_open  (label includes "*.doc,*.txt"
                        excludes "*.exe,*.com")
         f_close (label includes "*.doc,*.txt"
                        excludes "*.exe,*.com")
         f_read  (label includes "*.doc,*.txt"
                        excludes "*.exe,*.com")
         open_net_connect 
                 (label includes "18.29.0.1"
                        excludes "199.232.240.1")))

Digital Signature Initiative

Provide a mechanism to express in a machine readable form:
signer believes statement about resource
Build on existing technologies
1. Assertions: PICS 1.1 / RDF
2. Signatures: PKCS 7 (etc.), PGP, DSS
3. Certificates: X.509, SDSI 2.0, PGP

Signatures Don't Establish Trust

What do we get with digital signatures alone?

We can establish the integrity of the document
We know the public key of the signer

But...

To trust the information we want to know more: why the signer signed it, who the signer is, and what rules we use to choose whom we trust.

DSig adds Assertions and automatability

signer believes statement about object
Statement is machine readable (PICS/RDF syntax)

Trust Management (REFEREE)

Languages for policies
Based on metadata and signatures
All decisions under policy control
Negotiation (PEP or HTTP-NG)
- Do you have ...?
- Will you use ...?
- I'm using ...
- You must use ...
Putting it Together
- Choosing a payment mechanism
- Loading an applet
- Allowing content into my workplace
Non-technical Issues
- Vocabularies for metadata
- Scenarios
- Motivating vendors
Current Status

See http://www.w3.org
- PICS version 1.1 is a Recommendation
  - Commercial implementations from Microsoft, IBM, NetShepherd
- RDF is an internal working draft
  - Expect public release by October 1
  - Expect rapid deployment based on U.S. political agenda
- DSig 1.0 is a working draft
  - Spec available to members now
  - Freeware implementation about to complete
  - Commercial interest announced in 2.0
- DSig 2.0 is about to launch
  - Likely to be very rapid
  - Expect rapid commercial adoption
  - Plug-and-play will allow incremental adoption
- The technology isn't the gating factor: politics and commercial interest are.