Tim Berners-Lee shares his vision for IT security

Sir Tim Berners-Lee, originator of the World Wide Web, used his closing keynote sermon of the RSA Europe Conference 2011 in describing his vision for the future of IT security. His prerequisite secure systems, makes it easier for people to get things done, rather than adding hindrance to their work.

He used his fresh, personal experience of buying a house in the US, where he had to swap documents and forms with the real estate agent, solicitor and accountant involved in the contract. All parties recognized the need to in sending encrypted email in order to comply with regulations, but each of them used another system, each involving a third-party service provider.

Berners-Lee said he received an email asking him to click on a link so that he could retrieve his own documents, and he had no other choice, but to hand over his information to people he never knew.   He added that the whole thing was dysfunctional.

Berners-Lee said he had imagined public key encryption technology in delivering more benefits by now, but proposed a lot of new encryption tools have poor interfaces and are too difficult to use. He cited GPG (the Gnu Privacy Guard, a free implementation of the OpenPGP standard), which could be used by anyone without paying for anything.  However, the user interface is terrible.

The same principle can be applied to personal devices, where Berners-Lee said it would be better if they could give users more control over how their machines  used, and how systems reserves  used and accessed. Again, the user interface needed in helping users manages their applications and devices for their own advantage, down to a fine-grain level.

He supports cloud, but wanted cloud storage, which could be controlled by the user at more comprehensive level.

Berners-Lee also summarize the notion of a security friendly Web interface in which users would manage to divide their lives into their various activities – for example, family, work, public – each of which could be colour coded and can be assigned on  a different level of privacy, set by its user. By doing this, the fields could be assigned different colours based in their privacy rating.

As director of the World Wide Web Consortium (W3C), Berners-Lee said the organization looks at a straightforward “one-bit solution” enabling users in defining whether their actions should be followed or not, even if would take a lot more work in implementing it.

In a blog post, that Berners-Lee wrote after the death of Steve Jobs earlier this month.  He claimed that Steve was a champion of usable technology.