Resources are identified on the Web by URIs. URIs are intended to be shared. There is benefit to exposing resources identified by URIs. However, not all resources are intended for exposure to all agents or users. And URIs may be shared without regard to whether a particular user or agent may be granted access to the associated resource by the server which produced the URI.

Increasingly, representations offered by a Web agent may be formed by the interaction between multiple parties, rather than simply by the interaction between one server and one client or between the consumer of a representation of a resource and the provider of that representation.

Although there is benefit to exposing resources on the Web, there is also cost. An entity which exposes a resource on the Web must ensure that the benefit of exposing the resource is greater than the cost of doing so. Adequately securing that resource is a way of ensuring this balance.

Common security mechanisms such as authentication, confidentiality, integrity, and authorization still apply on the Web, but at massive scale.

How does one party ensure that the requester of a resource is authorized to access that resource? How may the recipient of a request reliably identify or authenticate the requestor? When a representation is formed dynamically of representations produced by multiple parties, how may we ensure that active content from one party does not maliciously modify content produced by another party within the same representation? How might we ensure that a representation does not consume an inordinate amount of system resources of the agent consuming the representation?

Web Security Stories

  1. User accesses which hijacks his session with (by clickjacking), causing the browser to send the user's cookies to and causing to believe that the requester is the user, rather than

  2. User accesses, which delivers a Javascript which crashes the user's browser (losing all of the other pages the user was browsing at the time)

  3. User accesses which asks the user for her email address. uses this email address to spam the user.

Related Specifications/Ideas