
New requirements for a secure WWW

The World Wide Web is a multimedia hypertext system; it consists of text documents including images as well as a host of other documents of varying structure and differing media types.

For example, single words or simple buttons in a hypertext document may refer to different documents, images or Java applications which are activated by a mouse click. When such a hyperlink is activated, the client contacts the corresponding web server and requests the selected document. This document may be another text document, an image, a Java applet simulating a video or a so-called form. Forms are sent to the client by the server, filled out by the client and then returned to the server.

The World Wide Web transmits text, images, Java applets, forms and so on, which suggests using different cryptographic mechanisms for these different media types and structural elements. Image and video data may be protected differently from textual data. For example, it is often sufficient to simply reduce the quality of the image data or to encrypt only a segment of the image (e.g. a face). Furthermore, image and video data are considerably larger in volume than textual data, which may make it necessary to use faster cryptographic algorithms (which will then usually be less secure). A security platform should likewise treat the divergent media and structures of an application document, and the various document types, differently.

Another layer of security is the protection of the entire document during transmission. A document of a multimedia application is usually a composite of different media types; yet it must be considered as a composite whole.

It is necessary to specifically associate media and cryptographic protocols which determine the appropriate algorithm for each media type. However, once the appropriate cryptographic mechanisms for a media type within a document have been determined, they cannot be changed within that document context.

The selection of these security services should be performed by the user since only he can decide on the basis of a specific document whether it should be signed or merely be encrypted in transit -- this makes user interactions necessary.
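The rules from the preceding paragraphs (a user-selected mechanism per media type, fixed for the lifetime of the document context, with the composite protected as a whole) can be modelled as follows. This is an added example, not Plasma's code or API: the class, function and mechanism names are hypothetical, HMAC-SHA256 is an assumed choice, and the block covers selection and whole-document integrity only, not the per-part encryption.

```python
import hashlib
import hmac

# Hypothetical mechanism labels; the page names no concrete algorithms.
MECHANISMS = {"none", "sign", "encrypt", "encrypt-segment"}


class DocumentContext:
    """One document: media type -> mechanism, fixed once chosen."""

    def __init__(self, key: bytes):
        self._key = key
        self._policy = {}  # media type -> mechanism selected by the user
        self._parts = []   # (media type, mechanism, payload) in document order

    def select(self, media_type: str, mechanism: str) -> None:
        """Record the user's choice; a different later choice is refused."""
        if mechanism not in MECHANISMS:
            raise ValueError(f"unknown mechanism: {mechanism}")
        bound = self._policy.setdefault(media_type, mechanism)
        if bound != mechanism:
            raise PermissionError(f"{media_type} is already bound to {bound}")

    def add_part(self, media_type: str, payload: bytes) -> None:
        """Append a part; its media type must have a selected mechanism."""
        if media_type not in self._policy:
            raise LookupError(f"no mechanism selected for {media_type}")
        self._parts.append((media_type, self._policy[media_type], payload))

    def seal(self) -> bytes:
        """HMAC over the composite whole: part order, types, mechanisms, data."""
        mac = hmac.new(self._key, digestmod=hashlib.sha256)
        for media_type, mechanism, payload in self._parts:
            # Length-prefix each field so part boundaries cannot be shifted.
            for field in (media_type.encode(), mechanism.encode(), payload):
                mac.update(len(field).to_bytes(8, "big") + field)
        return mac.digest()


def build(key: bytes, policy: dict, parts: list) -> bytes:
    """Assemble a document from constructed sample data and return its tag."""
    ctx = DocumentContext(key)
    for media_type, mechanism in policy.items():
        ctx.select(media_type, mechanism)
    for media_type, payload in parts:
        ctx.add_part(media_type, payload)
    return ctx.seal()
```

Because the selected mechanism is part of the authenticated data, relabelling an image part from `encrypt-segment` to `none` in transit changes the tag, as does reordering parts or moving bytes from one part to the next.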

Both are hardly, if at all, considered in current telecommunications systems, yet both are realized in Plasma. To demonstrate these features, Plasma was integrated into the World Wide Web, and the resulting solution is described next. The architecture presented does not itself offer new insights into web security, but it does demonstrate a meaningful application of the security platform Plasma in the World Wide Web and of the new concepts realized within the platform, namely the idea of high level security.

Furthermore, this implementation may be used in a real-world scenario for securing communications in the World Wide Web since


Annette Krannig
11/20/1997