User Trust of a Web Site

From MgmtWiki
Jump to: navigation, search

Full Definition or Meme

For most of humanity their computer is first and foremost a communications device talking to a collection of Web Sites which must be trusted by the user to enable a meaningful experience.

Context

Trust for a Web Site may take (at least) two different forms:

  1. Trust that the Web Site contents is the Truth.
  2. Trust that the Web Site owner and guarantor is exactly the real-world entity that the user expects.

For the former case we find that each Web Site creates and enforces its own Ethics as the see fit. As a result the each web site has its own view of the Truth value of its contents. Unfortunately it is not made clear to the user what each Web Site expects of its own content. For example many Web Sites started to purge their sites of false statements that were considered to cause harm to some set of people in the real-world. In the case of deliberate lies about the Holocaust, or the Sandy Hook slaughter, the majority of Web Sites stopped postings that were illegal in some countries (the Holocaust) or caused harm to some set of people (the surviving parents of Sandy Hook victims). But others, like WordPress blogging platforms deliberately took a hands-off approach.[1] The User is left with little to guide them in determining the trustworthiness of the contents of the site.

In the later case there is one existing solution, the Web Site can purchase an EV Cert for a modest fee that will guarantee some identity proofing of the business that owns the site. Some have pointed out that this proofing is inadequate, and federations of similar Enterprises have banded together to create a central repository which will vouch for the site's Compliance with the Federation's policies. For example the Trust Management policies that are enabled with the SAML II Shibboleth Concepts. This is further expanded on the wiki page Federated Trust.

  • This page will only consider the use of a trusted User Agent, typically a web browser from a well-known and trusted vendor.
  • For the case of the user allowing a Native App to be installed on their personal device, see the page Native App Security.

User Experience

The NASCAR problem is a reference to the jumble of branding icons on websites, e.g. 3rd party sign-in/login options or sharing buttons. It is dubbed the NASCAR problem because of these clusters of 3rd party icons/brands on websites resembles the collages of sponsorship decals covering NASCAR racing cars. It's a problem because such clusters of icons/brands cause both visual noise and people to be confused (see Paradox of choice), overwhelmed or unlikely to remember individual icons, especially as the clusters seem to grow with the introduction of new 3rd party identity/profile/social sites and services.

Protection of User Authenticators

Aka Credentials, is currently in development at:

  1. Phone as Health Care Credential
  2. Native App Security

Problems

  • After 20 years of web based attacks on users, security protection is still dependent on the education of users, who are known to be gullible. This is a 2018-12 report from the NSS[2]
Education is a key component of protection against SEM [socially engineered malware] and phishing attacks. Users who are able to identify socially engineered attacks rely less on technology for protection against such attacks. NSS Labs recommends supplementing browser protection with user education to protect against attacks that bypass browser protections.
  • Secure Web Sites using SSL (HTTPS:// scheme) still allow insecure content to be loaded. On 2017-10-27 it was estimated that 2.4% of sites downloaded secure content. On 2019-05-08 Chrome browser (currently version 74) was just announcing (on blink-dev) that they finally intend "to block insecurely-delivered downloads initiated from secure contexts if the download is for a high-risk file type", in spite of its appearance as section 4.6.5 of the current html spec. Which asserts: Warning! This algorithm is intended to mitigate security dangers involved in downloading files from untrusted sites, and user agents are strongly urged to follow it. It is unclear which version of Chrome might have this feature.==Solutions==

The following are some ways to improve the situation and a subject to reality checks from time to time.

  • The Web Site exposes its name in a manner that allows the user to make a meaningful trust decision. See the page on Trusted Identifier and Web Site Identity for details.
  • Most browsers come with a feature that will evaluate any file downloaded to a computer based on a set of constantly updated filters installed in the cloud.

References

  1. Sapna Maheshwari +1, Sandy Hook Father Combats Lies, and a Blog Sites Policy. (2018-08-14) New York Times p. B1
  2. NSSlabs, NSS Labs Announces Results of 2018 Web Browser Security Test. (2018-12-05) https://globenewswire.com/news-release/2018/12/05/1662619/0/en/NSS-Labs-Announces-Results-of-2018-Web-Browser-Security-Test.html

Other Support Material

  1. The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of web site software.
  2. ISACs are member-driven organizations, delivering all-hazards threat and mitigation information to asset owners and operators.