Coga TF Workshop

“The W3C UK and Ireland office based in the University of Southampton,  kindly hosted a two day meeting of 13 members of the Cognitive and Learning Disabilities Accessibility Task Force (Cognitive A11Y TF) on January 28th and 29th 2019.  The members of the task force came from as far afield as Maryland, Minnesota, Massachusetts and Texas in USA to Israel and in the UK Manchester, Exeter, London and beyond!

The group included the accessibility team from the BBC as well as members working in research or with organisations advising and evaluating all types of digital content and applications for their ease of use with assistive technologies and by those with disabilities.  The discussions were mainly concerned with the next update of the Web Content Accessibility Guidelines (WCAG) that would offer more support for those with different cognitive disabilities and atypical ability profiles to ensure increased  usability and access to the World Wide Web.

Coga TF Workshop group

The task force were incredibly grateful for all the logistical and catering support from the W3C UK and Ireland Office which meant that the two days not only ran smoothly but were also very enjoyable.”

Some Thoughts on The Future of Text Symposium 2017

By Chira Tochia (PhD Researcher, Web Science, University of Southampton)

The Future of Text symposium took place over two days last week at the University of Southampton, co-hosted by W3C UK & Ireland Office. In attendance were over 20 speakers, including Vint Cerf, Doc Searls, Professor Sir Nigel Shadbolt, Professor Dame Wendy Hall, Professor Les Carr, Mark Bernstein and chaired by Frode Hegland.

Professor James Wilkinson, Associate Dean of UoS kicked off the annual event, which is in its 7th year, and opened the floor to the speakers from a variety of backgrounds representing several different institutes and companies. With only 10 minutes each to present and 5 minutes for Q&A it kept the talks concise and punchy yet jam-packed with content. I was honestly blown away by the diversity of speakers and unique style of presentations from some of the greatest minds of the Web community on Monday. With the overarching theme, ‘Future of Text’ we touched upon topics such as the original book and written word, 12 year old girls publishing fan fiction and digital preservation.

Key themes for concern that reoccurred in several presentations were the issues of ‘storage’ and ‘archiving’, particularly the perseveration of articles, which were juxtaposed with the excitement of the rapid creation and development of text itself. There was even a discussion about how we document this event; through tweets and blogs and the video recording so others could stream it at a later date that was convenient to them. How can we be certain this will all be accessible in years to come?

The big issue that we seem to be facing is that substrates, systems, formats, and generally technology keeps evolving at such speed we can no longer access previous data from articles only 20 years old! Many of the speakers mentioned old floppy disks and other contraptions I’d not even heard of before that had old research on it that they would never see again.

It was a very enjoyable day, leaving everyone, I’m sure, with something to go away and have a long think about (and projects they can potentially collaborate on).

Questions for thought:

  • Where is it all going? I think this question is directed in terms of preservation but also the bigger picture of innovation and developments is a curious one too.
  • How do we preserve social media with links in?
  • How will future generations decipher what is fake news? • Are we ready for transclusion in scholarly text?
  • Who are we to decide what is important to save and what we should throw away for future generations?

If you’d like to see more about the event you can visit its website or follow the conversation on Twitter: #FText17.

Future of Text Symposium

Peter Norvig & Vint Cerf at Future of Text Symposium, 2016

A stellar line-up of Internet pioneers, key industry innovators, government advisors, academics and commentators are sharing their expertise at The Future of Text Symposium co-hosted by W3C UK & Ireland Office, at the University of Southampton on 11 and 12 September 2017. The symposium concerns all aspects of text but has an emphasis on interactive text. Day one features short presentations by leading experts in the field, with day two focusing on collaborative approaches to re-invent hypertext, text in general, and academic documents for academia.

Speakers include co-inventor of the Internet, Vint Cerf, Professor Dame Wendy Hall, Professor Sir Nigel Shadbolt, Mark BernsteinBjørn Borud, and Doc Searls. Vint Cerf says:

I have participated in the Future of Text events and find them thought-provoking and poignant reminders that text is how we communicate with the future.

Registration is now closed, but you can just us on Twitter using: #ftext17

 

W3C UK & Ireland Office Official Launch

Bernard Gidon, W3C at the launch of W3C UK and Ireland Office.

Bernard Gidon (W3C) at the launch of W3C UK and Ireland Office.

The W3C UK & Ireland Office was formally launched at the University of Southampton on Friday 14 October at a packed event that included talks from Bernard Gidon, who gave an overview of the W3C in Europe, and Phil Archer, who talked about current W3C activities.  There were also presentations by UK members about their involvement with the W3C, including David Rogers (Copper Horse Solutions) who gave a talk on Security and the Web, and Payam Barnaghi (University of Surrey), who talked about  the W3C Working Group on Spatial Data on the Web.

The Web Science Institute (WSI) at the University of Southampton is the new host of the W3C UK & Ireland Office, supporting an international community of member organisations that is leading the Web to its full potential. The W3C UK & Ireland Office will foster relationships with UK technology and policy leaders and help to promote the adoption and implementation of W3C standards in the UK. It will also recruit and engage with members in the region, and develop education and outreach programs to raise awareness of W3C’s role and standards activities by sponsoring and supporting local events where there is a focus on W3C topics.

Professor Dame Wendy Hall, Executive Director of the WSI, said: “The University of Southampton has played an active role in the Web community since 1994. The WSI feels like a natural fit to host the UK & Ireland Office.”

Bernard Gidon, W3C’s Europe, Middle-East and Africa Business Development Leader, commented: “We have found a strong match with the WSI as we continue toward the W3C’s mission. It is fantastic to see the energy and community at the WSI, and I look forward to moving on together as we develop the web community in the UK.”

The University of Southampton has been a member of the W3C since 1998, promoting new futures of the Web through W3C community groups including the Web Observatory, Annotations and Web of Things.

The W3C UK & Ireland Office is staffed by Office Manager Susan Davies and Senior Advisor Professor Leslie Carr.

Video: W3C UK and Ireland Launch

The new W3C UK and Ireland Office opened at the Web Science Institute, University of Southampton on Friday, 14 October 2016. In this video the W3C’s Europe, Middle East, and Africa Business Development Leader, Bernard Gidon, Phil Archer, W3C Data Strategist, and David Rogers, CEO of Copper Horse Solutions Ltd., talk about the W3C and the opportunities opened up by this new collaboration.

W3C UK and Ireland Office Launch

Building 32 UoS 101016

University of Southampton

The W3C UK & Ireland Office Launch will take place on Friday 14 October 2016, hosted by the Web Science Institute at the University of Southampton. The programme for the day is below. If you are interested in finding out more about the W3C and/or becoming a member and would like to attend the Launch, please email Susan Davies, UK & Ireland Office Manager, at sdd1@soton.ac.uk

twitter-logo @wc3uki

Programme  – #wc3uki

13:00 – 13:45 Arrival and Lunch
13:45 – 13:55 Welcome (Professor Les Carr and Susan Davies)
13:55 – 14:05 Overview of the Web Science Institute (Professor Dame Wendy Hall, WSI Executive Director)
14:05 – 14:20 Overview of the W3C in Europe (Bernard Gidon)
14:20 – 14:35 Current W3C Activities (Phil Archer)
14:35 – 14:45 Security and the Web (David Rogers, Copper Horse Solutions Ltd)
14:45 – 15:15 Invited talks by Members
15:15 – 16:00 Discussion: Challenges and Opportunities for the future of the Web and how the W3C can help

W3C TPAC 2016

TPAC 2016 LogoThe UK & Ireland W3C Office joined twelve UK and Irish companies at the Technical Plenary Advisory Committee Meetings Week in Portugal between 19-23 September 2016, to come to agreement about the future of the World Wide Web for publishing, data exchange, financial information and many other areas of interest to our Digital Economy.

The purpose of the W3C office is to support its national members and to promote the areas of current development in the future of the Web. So we joined the more than 550 experts in Web technologies gathered to address challenges and new opportunities for the future of the Web’s technical roadmap and standardization work. Hosted by the World Wide Web Consortium (W3C), whose mission is “to lead the Web to its full potential” by standardizing Web technologies, the annual W3C Technical Plenary and Advisory Committee (TPAC) Meeting included nearly 40 sessions of formally chartered groups engaged in standards-related work. Another 40 informal break-out sessions discussed emerging technologies that may benefit from standardization work at W3C.

At the conference, Web Inventor and W3C Director Sir Tim Berners-Lee gave a keynote address in which he thanked and encouraged his fellow Web technologists to sustain his original vision for an open, interoperable and decentralized Web for everyone in the world.

On 6 August, the world celebrated the 25th anniversary of the Web being offered as a publicly available service. Since its invention by Berners-Lee in 1989, the Web has evolved to have rich video and graphics capabilities, work on multiple devices, appear in many languages  and be accessible for those with disabilities. These advancements rely significantly on open Web standards, the technical building blocks that make the Web open, interoperable and accessible, developed at the World Wide Web Consortium.

“Members of the W3C and the larger Web community carry a great responsibility to shape the future of Web technologies,” said Dr. Jeff Jaffe, W3C CEO. “Most people take for granted that the Web just works for them, but the foundational technologies that make the Web work for everyone are developed by highly skilled and dedicated technology experts in the W3C community. This year’s TPAC meetings underscored the importance and impact of W3C’s work.”

Topping the technical discussions of the groups chartered by W3C were advancements to the Open Web Platform and specific industry requirements for the next generation Web:

In addition to the meetings of the formally chartered Working and Interest Groups for W3C members, for the first time the W3C hosted more than 20 W3C Community Group that are incubating ideas for future Web technologies. Among the topics of high interest in the Community Groups and breakout sessions were blockchain, virtual reality (VR/AR), Web bluetooth and NFC, micro-payments, multi-device timing, and a Web of Things plugfest.

World Wide Web Consortium selects Web Science Institute at the University of Southampton to host UK & Ireland Office

_7JB3618

Web Science Institute Director, Professor Les Carr takes on a new role as Senior Advisor at the new W3C United Kingdom (UK) & Ireland Office/Web Science Institute ©2014

The World Wide Web Consortium (W3C) is pleased to announce that the Web Science Institute (WSI) at the University of Southampton has become the W3C United Kingdom (UK) & Ireland Office.

As the host of the W3C UK & Ireland Office, the WSI will help the W3C achieve its mission to broaden participation in W3C activities of more diverse stakeholders from the UK and Ireland. The WSI will foster relationships with UK and Irish technology and policy leaders and help to promote the adoption and implementation of W3C standards in the UK and Ireland.

The W3C UK & Ireland Office will also recruit and engage with members in the region, and develop education and outreach programs to raise awareness of W3C’s role and standards activities by sponsoring and supporting local events where there is a focus on W3C topics.

“The WSI is excited to be taking on this important role within the W3C,” said Professor Dame Wendy Hall, Executive Director of the WSI. “The University of Southampton has played an active role in the Web community since 1994 and has been a member of the W3C since 1998, promoting new futures of the Web through W3C community groups including the Web Observatory, Annotations and Web of Things.”

J. Alan Bird, W3C Global Business Development Leader commented, “With its wide range of research activities into the technologies and societal impact of the Web, the WSI is in a unique position to help broaden the scope and reach of the W3C. We look forward to working together to help the W3C achieve its mission.”

The WSI carries out research into web science, data science, linked and open data, privacy, trust and provenance, social computation, cybersecurity, social media networks. These research activities align well with new W3C activities, including the W3C Data activities, Web Payments, Web Annotation, Web of Things, Security and Privacy and Web Accessibility. The W3C UK & Ireland Office will be staffed by Susan Davies, Coordination Manager for the WSI, who will become the Office Manager, and Professor Leslie Carr, Director of the WSI Centre for Doctoral Training, who will act in a Senior Advisor role. The WSI takes over from Nominet , who has been running the UK & Ireland Office since 2010.

About the World Wide Web Consortium

The World Wide Web Consortium (W3C) is an international consortium where Member organizations, a full-time staff, and the public work together to develop Web standards. W3C primarily pursues its mission through the creation of Web standards and guidelines designed to ensure long-term growth and stewardship for the Web. Over 400 organizations are Members of the Consortium. W3C is jointly run by the MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the United States, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France, Keio University in Japan and Beihang University in China. W3C has Offices in Australia; the Benelux countries; Brazil; Finland; France; Germany and Austria; Greece; Hungary; India; Italy; Korea; Morocco; Russia; Southern Africa; Spain; Sweden; and the United Kingdom and Ireland. For more information see the W3C website.

About the Web Science Institute

The WSI brings together world-leading research expertise to tackle the most pressing global challenges facing the World Wide Web and wider society today. Its mission is to undertake interdisciplinary research that creates new knowledge about the impact and direction of the Web; to educate students to be architects of change in a digital culture; and to provide a vital source of contemporary strategic and tactical intelligence to its partners. Professor Dame Wendy Hall is the Executive Director of the WSI. She is internationally recognized for her groundbreaking contributions in the field of Web and Internet Sciences and is a member of the Global Commission on Internet Governance. Read more about the: Web Science Institute 

Released: 31 May 2016

Posted in Offices, United Kingdom and Ireland | Comments Off on World Wide Web Consortium selects Web Science Institute at the University of Southampton to host UK & Ireland Office

Hardware based Secure Services CG: report from the London workshop

The Hardware Based Secure Services Community Group met on 26 and 27 April at Morrison & Foerster’s offices in London. 30 people representing 15 companies and universities were present representing Trustonic, Samsung, CESG, Tyfone, G&D, Morpho, HID, Facebook, Copper Horse Solutions, universities of Oxford, Cambridge, Royal Holloway, Southampton, and Visa, Yubiko, Deutch Telekom, gemalto, NokNokLabs, and many others . For the two days of the workshop, the group discussed the opportunity for browsers to integrate secure services offered by hardware technology (such as secure elements and trusted execution environments (TEEs)). The discussion covered the use cases, technical constraints, the user perspective and potential technical solutions.

Summary of findings:

Use cases

The increasing demand from service providers and users to have more guarantees and indication with respect to the security associated with services is a clear trend. The following use cases were listed as having a particular strong expectation in that area: (1) Authentication for the secure management of webmail, web services and VPNs in corporations or in governments, (2) Improving security and usability in online citizen services by reducing password usage (replaced by cryptographic tokens) and improving the trust in user input and output (thanks to trusted UI), (3) Improve use cases such as citizen or consumers recording information, signing and voting steps on line, (4) Identity management: creating an identity credential, update a profile, renew credit, with an adapted procedure in terms of security (i.e. adapting the procedure to the security level), including proof of possession and knowledge, (5) Signatures for legal binding or for users who wish to have verified public posts (comments on social media, applications etc.), including a delegation model (citizen and attorney, consumer and agency etc.).

In addition it was discussed that many hardware based technology and devices were available in today’s web-connected devices such as UICCs, embedded secure elements, trusted execution environments, secure chips and NFC readers. At the same time some removable hardware devices are used. The usage of these technologies for services, or for offering services to app developers is gaining momentum. ApplePay, Trusty in Android, biometric APIs, secure key management backing in hardware APIs and secure enclave all represent the wide range of examples in the market now amongst others available.

This technology will assist the open web platform in retaining its leading position, by offering similar functionalities, especially while the security expectation from users and service providers is increasing. It will also serve to bolster web platform security in its own right.

Identifying Specific Features

The group decided to focus on two specific technology pieces, generating beta APIs. Both features would support the use cases outlined above. These were: 1. Transaction Confirmation API 2. Secure Credential Storage

Feature 1: Transaction Confirmation

This feature allows a web application to trigger a user confirmation based on a secure user interface, including a specific message such as “do you want to digitally sign this transaction?”. It would also allow the request of security information about the context of execution. Suggested code and a flow are in draft and available here: https://github.com/w3c/websec/blob/gh-pages/hb-secure-services/etherpad-04-26-27.md

Editor: Sébastien Bahloul

Feature 2: Secure Credential Storage

This feature allows the generation, usage and administration of a credential such as a key. It includes some additional information allowing for management, including access control rules, lifecycle and renewal. A suggested flow is available at: https://github.com/w3c/websec/blob/gh-pages/hb-secure-services/etherpad-04-26-27.md

Editor: To be agreed

Liaison with other W3C work and groups

Liaison is expected with the following W3C groups: Web Authentication WG, Web Payment WG, Web Crypto WG, Web App Sec WG,

Initial Requirements

The following is an initial set of technical and security requirements, applying to both features:

  • Virtualize the credentials available in hardware, being agnostic in terms of the technology used (e.g. secure chip, TEE, with any physical link supported).
  • Let the user choose the credentials in hardware based technology he/she wants to use.
  • Give clear security indication to the service provider and to the user (i.e. generate an indication of the security level across a large set of components in the stack which help to store, execute and present a transaction).
  • Allow the browser to qualify the security context for operation execution and display, and keep the information consistent and safe.
  • Re-use existing technology e.g. token access control, Same Origin Policy (SOP), Content Security Policy (CSP) etc.
  • Prevent any re-use of bearer tokens, replay attacks, all major state-of-the-art software attacks, time-stamp (if used) abuse, semantic attack etc.
  • Request user consent for service requests relying on hardware based technology owned by the user, permit user control over usage/non-usage, including the ability to change that decision at any time.
  • Credential handling should support a chain of trust (i.e. be able to manage delegation of trust, between user, representative and issuer).
  • Credentials should have a set of information associated easing lifecycle management and authorisations (but not limited to the X.509 certificate model).
  • Manage errors gracefully such as denying domain access, user not permitting access, invalid keys (validation, black list, etc.), network latency, etc.
  • Take into account accessibility practices, for example making sure the security context is explicitly available to assistive tools without compromising security.
  • Preserve the user/service provider confidentiality.
  • Allow service provider customisation (to integrate branding/contextual aspects).

Technical Challenges

Some technical challenges are obviously associated with the capability to offer secure services to web developers. These result in a set of requirements as follows:

  • Ensure the browser can reliably obtain execution and storage security information.
  • Ensure the integration from the browser to the hardware based technology is available.
  • This will be an industry effort to make sure lower layers are implemented; for more details see GlobalPlatform on Web API to access secure element: http://globalplatform.github.io/WebApis-for-SE/doc/
  • Design a security model compatible with the SOP.

Some Immediate Actions

  1. In order to progress on the delivery of relevant features, the attendees of the workshop are invited to test the idea of those features with their partner/customers/teams (All)
  2. Having a technical draft eases conversations, editors should draft an API which envisages services, parameters and code examples, to be reviewed in 3 weeks (Editors)
  3. The community group hosting that conversation needs to continue on a regular basis and attendees need to get on board. A doodle for bi-weekly call will be sent (Chairs)

Complete minutes

Minutes of the meeting can be found at: