Berners-Lee urges security professionals to help W3C build safer web

World wide web founder Sir Tim Berners-Lee has called on the security community to engage more closely with standards body the W3C in order to build a more secure web.

Speaking at RSA Conference Europe, Berners-Lee argued that innovations in the web applications space are shaping the future of the web, with the web page becoming a de facto computing platform as powerful as a desktop app.

"Web applications are exciting because it's a connected, portable platform," he said.

"I would like to see the security community come to the W3C and join the groups building that environment. Use your expertise of security to make it a secure, powerful environment."

The web application layer is increasingly being targeted by cyber criminals keen to exploit the numerous vulnerabilities that exist – in many cases because of poor coding.

Security vendor Imperva's latest biannual Web Application Attack Report monitored more than 10 million individual attacks aimed at 30 top web applications over six months. It found websites were attacked about 27 times an hour on average, some being hit 25,000 times an hour or seven a second during heavy assaults.

At RSA Conference Europe, Berners-Lee also encouraged information security practitioners to get involved with the W3C working group currently working on "Do Not Track" standards for the web, designed to boost user privacy.

The group has an ambitious goal of finalising standards in this area by mid-2012. It is currently working on offering users two separate terms of service, one for those that are happy to be tracked and one for those who want to guard their privacy more carefully.

"It may be difficult to get consensus on where the line is drawn here but it's worth a shot," he told delegates.