26 Jul 2011 connolly   » (Master)

Secure Mashups: CSRF-resistent alternatives to WebID

I think WebID is headed in the wrong direction. It separates authorization from authentication, which is widely believed to be a good practice, but proves spectacularly bad practice when it leads to cross-site request forgery.  I have tried to explain my misgivings to the WebID proponents, but I didn't have much in the way of an alternative to suggest. Until today, when I found Sitelier and Belay Research.

While evaluating Spring Security today, I went looking to see if it its role-based architecture is in any way compatible with capability-based approaches and I found this, from the Sitelier guys:

In our view, the web right now is backwards: users have accounts on dozens of websites, all with their own logins and passwords, and our content and personal information is scattered all over the web, out of our control. Sitelier turns the situation around: when you install an app, you're effectively creating an account on your site for the app, which can then save its data (your data) there, so all your online information can live in one secure location that you control.
Replies pointed out related work such as Belay Research and emphasized usability research. Indeed, my understanding since at least as far back as my Dec 2008 post is that the capability approach is the necessary and sufficient solution to the problem of secure mashups; the only question is: given the worse-is-better tendency in software deployment, is there any chance we can move the state-of-the-art that far?

There are also some market forces to consider. If I host my own email, how do get sub-second search a la ad-powered gmail?


Syndicated 2011-07-26 22:26:00 (Updated 2011-07-26 22:26:48) from Dan Connolly

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!