network impact of web access to device apis
play

Network impact of Web access to device APIs W3C Workshop on - PowerPoint PPT Presentation

Nov 18, 2022 •375 likes •512 views

Network impact of Web access to device APIs W3C Workshop on Security for Access to Device APIs from the Web December 10-11, 2008 Mat Ford http://www.isoc.org Background ISOC is focused on continued operation of the global Internet

  1. Network impact of Web access to device APIs W3C Workshop on Security for Access to Device APIs from the Web December 10-11, 2008 Mat Ford http://www.isoc.org

  2. Background • ISOC is focused on continued operation of the global Internet – Taking a holistic approach to identify issues and opportunities – Many network growth issues and opportunities cross boundaries and cut into competing interests • Our purposes are to: – Identify and help elaborate such cross-boundary network issues – Promote resolution through open dialogue and collaboration in appropriate fora – Promote and validate the open, collaborative Internet development model 10th - 11th December 2 http://www.isoc.org 2008

  3. Background • Concerned with identifying forces pushing towards – islands of networking – emergence of multiple networked realities • Looking to drive a modern understanding and consistent implementation of the end-to-end principle of the Internet • We also aim to support development and deployment of key technologies for stable and secure Internet infrastructure 10th - 11th December 3 http://www.isoc.org 2008

  4. Interest areas • These motivations and concerns lead us to an interest in the topic of this workshop in at least three areas: – Network impact – Open interfaces – Layering 10th - 11th December 4 http://www.isoc.org 2008

  5. Network impact • What are potential impacts on network layer? • What are potential side-effects on network usage? • Web apps inherently more secure as potentially more regularly updated? • Exposing device APIs to the web may increase potential for remote exploit – New generations of network worms and bots 10th - 11th December 5 http://www.isoc.org 2008

  6. Network impact • New patterns of network usage – IP nets typically dimensioned based upon assumptions about end-host behaviour that are increasingly invalid – More M2M and background bulk transfers (P2P) create new pressures on operators – Is there potential for increasingly sophisticated web applications to drive disruptive patterns of network usage? 10th - 11th December 6 http://www.isoc.org 2008

  7. Open interfaces • Open interfaces are the bedrock of the Internet’s success • Gross functionality of the network should not depend on use of proprietary equipment • Open interfaces maximise the potential for innovative applications to emerge, thereby increasing the value of the network to all 10th - 11th December 7 http://www.isoc.org 2008

  8. Layering • Internet != Web • Minimise potential for undesirable interactions between layers • Maximise potential to change properties of one layer without negatively impacting other layers 10th - 11th December 8 http://www.isoc.org 2008

  9. Some examples • Strong(er) coupling between app layer and net layer is generally undesirable: – Optimising app performance by requiring network support – Sharing IP addresses across subscribers will require apps to know more about the net 10th - 11th December 9 http://www.isoc.org 2008

  10. Some (mobile specific) examples • Does the amount of glue needed to provide a seamless user experience work to balkanize services by device/provider/etc? • User expectations of consistent service and behaviour when roaming? • Potentially a lot of middlebox interactions required • Potential conflicts caused by fairly atomic widgets accessing hardware features on a handset (like geo-location data) without any kind of unified version of user preferences at the local level • Lots of questions re: conflicts in policy, data portability, service mismatches while roaming, etc. • And then there’re the security and privacy concerns 10th - 11th December 10 http://www.isoc.org 2008

  11. Concluding remarks • Need for a strong and consistent security model when allowing web apps access to device APIs is obvious – This workshop is valuable, thanks organisers! • Please try to keep the concerns and principles raised here in mind when developing in this space • Increasingly sophisticated web apps are enriching the Internet and exposing device APIs has potential to do the same • Need to be vigilant against harming some fundamental properties that have brought us to where we are today 10th - 11th December 11 http://www.isoc.org 2008

  12. Thanks for your attention! 10th - 11th December 12 http://www.isoc.org 2008

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from

A New Approach to Online Location Privacy W3C Workshop: Security for Access to Device APIs from the Web December 10, 2008 John Morris Center for Democracy & Technology 1 Need for New Approach Current failed model for privacy on the web

227 views • 7 slides
Security for access to device APIs Stewart Brodie ANT Galio Browser Software Team Leader ANT

Security for access to device APIs Stewart Brodie ANT Galio Browser Software Team Leader ANT

Security for access to device APIs Stewart Brodie ANT Galio Browser Software Team Leader ANT Software Ltd. WAFERs: Overview An application model for HTML + JavaScript content Requires no changes to an existing HTML document Only

233 views • 7 slides
Security Assurance for Web Device APIs Maritza Johnson and Steven M. Bellovin

Security Assurance for Web Device APIs Maritza Johnson and Steven M. Bellovin

Security Assurance for Web Device APIs Maritza Johnson and Steven M. Bellovin http://www.cs.columbia.edu/~ { maritzaj,smb } Columbia University December 9, 2008 1 / 7 The Problem Web servers want access to very sensitive The Problem

260 views • 12 slides
InfiniBand Network Block Device Overview IBNBD: InfiniBand Network Block device Transfer

InfiniBand Network Block Device Overview IBNBD: InfiniBand Network Block device Transfer

InfiniBand Network Block Device Overview IBNBD: InfiniBand Network Block device Transfer block IO using InfiniBand RDMA Map a remote block device and access it locally Client side registers as a block device, i.e.

474 views • 25 slides
iCellular: Device-Customized Cellular Network Access on Commodity Smartphones Yuanjie Li 1 ,

iCellular: Device-Customized Cellular Network Access on Commodity Smartphones Yuanjie Li 1 ,

iCellular: Device-Customized Cellular Network Access on Commodity Smartphones Yuanjie Li 1 , Haotian Deng 2 , ChunyiPeng 2 , Zengwen Yuan 1 , Guan-Hua Tu 1 , Jiayao Li 1 , Songwu Lu 1 1 University of California, Los Angeles 2 The Ohio State

802 views • 31 slides
Access Network Access Network Access network: local loop infrastructure It is the last

Access Network Access Network Access network: local loop infrastructure It is the last

Access network and access service Access Network Access Network Access network: local loop infrastructure It is the last mile of the network Connects the user with the first network POP Can use different technologies

369 views • 11 slides
Authorizing network access for IoT devices Mohit Sethi Tuomas Aura Outline Authorizing

Authorizing network access for IoT devices Mohit Sethi Tuomas Aura Outline Authorizing

Authorizing network access for IoT devices Mohit Sethi Tuomas Aura Outline Authorizing local network and Internet access for IoT devices Cloud-managed network-access authoriza=on Bootstrapping security between device and cloud

328 views • 20 slides
Impact of Requirements on Iden3ty Management Solu3ons Frederick

Impact of Requirements on Iden3ty Management Solu3ons Frederick

Impact of Requirements on Iden3ty Management Solu3ons Frederick Hirsch, 24 May 2011 Nokia, Co-Chair W3C Device APIs WG* @Nhirsch *Disclaimer: These

309 views • 7 slides
Hardware and Device Drivers Device virtualization Device drivers and security Bjrn

Hardware and Device Drivers Device virtualization Device drivers and security Bjrn

Outline Faculty of Computer Science Institute for System Architecture, Operating Systems Group What's so different about device drivers? Hardware access Writing device drivers on L4 Reuse of legacy drivers Hardware and Device

619 views • 12 slides
Provisioning IoT with Web NFC Zoltan Kis (@zolkis), Intel Background JavaScript APIs for

Provisioning IoT with Web NFC Zoltan Kis (@zolkis), Intel Background JavaScript APIs for

Provisioning IoT with Web NFC Zoltan Kis (@zolkis), Intel Background JavaScript APIs for IoTivity, Soletta W3C Web NFC editor Web access to hardware Earlier: Network management (DSL) Mesh radio networks DSP (AI applied in

908 views • 39 slides
APIs and Mobile and Online Privacy Scene-setting, Regulations and Controversies W3C Device API

APIs and Mobile and Online Privacy Scene-setting, Regulations and Controversies W3C Device API

APIs and Mobile and Online Privacy Scene-setting, Regulations and Controversies W3C Device API Privacy Kasey Chappelle, Global Privacy Counsel July 2010 Vodafone C2 Vast rates of societal change, increasing all the time TECHNOLOGIC SOCIAL

213 views • 6 slides
From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I

From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I

From Privacy To Opacity - Digital Me Management W3C Workshop - Privacy for Advanced Web APIs I am ? Karl Dubost Network Global Instantaneous Replicated Permanent ACCESS AND Traces lead to Patterns Privacy is cultural Robots.txt

287 views • 12 slides
Welcome BYOx 2018 @ BPSSC What is BYOx BYOx (Bring Your Own Device) Students bring their

Welcome BYOx 2018 @ BPSSC What is BYOx BYOx (Bring Your Own Device) Students bring their

Welcome BYOx 2018 @ BPSSC What is BYOx BYOx (Bring Your Own Device) Students bring their personal device from home to access our EQ network We are offering BYOx to all students in 2018 Our Network Safe Filtered Internet

749 views • 13 slides
Use cases and Requirements of Device API and UI/UX W3C Web on TV Workshop Jinhong Yang,

Use cases and Requirements of Device API and UI/UX W3C Web on TV Workshop Jinhong Yang,

Use cases and Requirements of Device API and UI/UX W3C Web on TV Workshop Jinhong Yang, Sanghong An 2010.09 KAIST 1 Use cases of Device APIs for Web on TV Watching the television channels on the browser with channel changing Checking

339 views • 7 slides
Network Interfaces & ifconfig what is a network interface? Associated with a hardware

Network Interfaces & ifconfig what is a network interface? Associated with a hardware

Network Interfaces & ifconfig what is a network interface? Associated with a hardware device device fxp0 - Intel EtherExpress Pro Practical Networking Sometimes not loopback interface lo0 - pseudo-device Interfaces

154 views • 3 slides
PBMs and Impact on Access and Affordability Amy Killelea, JD Senior Director, Health Systems

PBMs and Impact on Access and Affordability Amy Killelea, JD Senior Director, Health Systems

PBMs and Impact on Access and Affordability Amy Killelea, JD Senior Director, Health Systems & Policy NASTAD 1) Formulary Inclusion, UM, and Pharmacy Network Design PBMs play an outsized role in prescription drug access, including

495 views • 10 slides
Clubs, Beliefs, and Entrapment Scott Duke Kominers Harvard University AMS Session on Behavioral

Clubs, Beliefs, and Entrapment Scott Duke Kominers Harvard University AMS Session on Behavioral

Clubs, Beliefs, and Entrapment Scott Duke Kominers Harvard University AMS Session on Behavioral Sciences Joint Mathematics Meetings January 7, 2009 Scott Duke Kominers (Harvard) Clubs, Beliefs, and Entrapment January 7, 2009 1 / 6 Overview

1.04k views • 78 slides
IN5320 - Development in Platform Ecosystems Lecture 3: Platform Ecosystems fundamental concepts

IN5320 - Development in Platform Ecosystems Lecture 3: Platform Ecosystems fundamental concepts

IN5320 - Development in Platform Ecosystems Lecture 3: Platform Ecosystems fundamental concepts 24th of September 2020 Department of Informatics, University of Oslo Magnus Li - magl@ifi.uio.no 1 Summary last week (Information Systems and

612 views • 48 slides
A-Pressen/ Edda media A merger among Norwegian newspapers: an academic view Lapo Filistrucchi

A-Pressen/ Edda media A merger among Norwegian newspapers: an academic view Lapo Filistrucchi

A-Pressen/ Edda media A merger among Norwegian newspapers: an academic view Lapo Filistrucchi University of Florence and TILEC, Tilburg University 2013 ACE conference Brussels, 14/12/2013 General comment Interesting case I hope I

156 views • 13 slides
Team-triggered coordination of networked systems Cameron Nowzari Jorge Cort es Mechanical

Team-triggered coordination of networked systems Cameron Nowzari Jorge Cort es Mechanical

Team-triggered coordination of networked systems Cameron Nowzari Jorge Cort es Mechanical and Aerospace Engineering University of California, San Diego cnowzari@ucsd.edu American Control Conference Washington D.C. June 18, 2013

864 views • 53 slides
Will This Paper Increase Your h -index? Scientific Impact Prediction Yuxiao Dong, Reid A.

Will This Paper Increase Your h -index? Scientific Impact Prediction Yuxiao Dong, Reid A.

Interdisciplinary Center for Network Science and Applications Will This Paper Increase Your h -index? Scientific Impact Prediction Yuxiao Dong, Reid A. Johnson, Nitesh V. Chawla Interdisciplinary Center for Network Science and

622 views • 44 slides
Role-Based Architecture & Network Pointers Jona Schoch Seminar in Distributed Computing Oct

Role-Based Architecture & Network Pointers Jona Schoch Seminar in Distributed Computing Oct

Role-Based Architecture & Network Pointers Jona Schoch Seminar in Distributed Computing Oct 17, 2007 From Protocol Stack to Protocol Heap - Role-Based Architecture R. Braden, T. Faber, M. Handley 2 Protocol Stack model Consists of

292 views • 25 slides
Bayesian Networks Machine Learning 10-601B Seyoung Kim Many

Bayesian Networks Machine Learning 10-601B Seyoung Kim Many

Bayesian Networks Machine Learning 10-601B Seyoung Kim Many of these slides are derived from William Cohen. Thanks! Bayesian Networks B E

570 views • 33 slides
Based on the Number of Queries Kenta Iwasaki, Kazuyuki Shudo Tokyo Institute of Technology Tokyo

Based on the Number of Queries Kenta Iwasaki, Kazuyuki Shudo Tokyo Institute of Technology Tokyo

, IEEE SocialCom 2018 December 2018 Comparing Graph Sampling Methods Based on the Number of Queries Kenta Iwasaki, Kazuyuki Shudo Tokyo Institute of Technology Tokyo Tech 1 / 10 Graph sampling

247 views • 11 slides

More recommend