Curated by: Luigi Canali De Rossi

Saturday, February 25, 2006

Connected Social Web Applications: Security Improvements And A Look At The Future

Sponsored Links

Connected web applications and the social web may create new business opportunities and solutions to unsolvable problems we now seem to have. This is at least Ben Hunt's optimistic vision of what social interconnected web applications could bring to us in the near future.

Photo credit: Dimitrios Kaisaris

In the third part of his explorative essay on the future of interconnected apps Ben Hunt explores benefits that the social web may bring to security issues (Part I and Part II).

I openly invite you to challenge and respond to Ben's vision through the comments section at the end of this essay and to share your view and take on the validity, strengths and possible weaknesses of his vision.

Photo credit: Dimitrios Kaisaris

Phishing and online scams

We can use the power of the connected web to counter "un-neighborly" online activity.

The system would work in a similar way to connected social bookmarking, but instead of marking favourite sites, smart users would click a different toolbar button to mark a site as "dodgy".

The system can keep a central record of bad sites, and any time someone clicks a link in an email that purports to be from their bank, their browser toolbar will find the address/IP on the bad-list, and will pop up a big red "Warning! This site is NOT a real banking site!".

Note the red flag also warning me that the community rates this site as malicious.

Automatically logging users into safe web sites both improves usability and safety.
If I visit a web site, my browser toolbar could indicate that the site offers automatic log-in (by being affiliated with the connected web).

Here's how it might work:

  • I click the "Autologin" button.

  • The web site asks my browser for my unique ID address, and then contacts my ID account to request a new auto-login function.

  • My ID account pings my authorized client software (e.g. my instant messenger), which pops up a message confirming the request.

  • I confirm the request to my ID account, also confirming what data I wish to share with the web site.

  • On future visits, my web browser tells the site my unique ID, the site contacts my ID account to get confirmation of my credentials, which are transferred automatically, and I'm logged in automatically.

There's no doubt about the wasteful cost of spam, and a robust solution to the problem is needed to prevent the whole email system from grinding to a halt.

In a similar method to phishing, the connected worldwide web can keep a score of untrustworthy email addresses.

However, we can also use the connected web positively to enhance the basic blacklisting/whitelisting functionality, reducing the margin for error and adding a dose of rich content.

Through polling our peer-to-peer network of connections, it's possible to ask a couple of thousand other entities connected in our web neighborhood whether an email address we don't recognize is valid or not.

Here's how it might work:

  • You give your email server permission to run a certain kind of "Email-check" search via your ID account

  • When the mail server receives an email from an unrecognized source, it pings your ID account with a request for an ID check.

  • The ID account forwards the request to all its connections.

  • Your connections' ID accounts reply with either a positive (I trust this address), null (I don't know this address) or negative (I don't trust this address) response.

  • Your email server quickly collates the polled results and decides what to do with the message.

Other applications for the connected web

Here are a few more obvious applications that will use the new interconnected web architecture.

Dating will benefit from the ability to search your connections and broader network, as it's beneficial to find someone who is already connected to you in some way (which traditional dating databases wouldn't pick up on) - your interests & affiliations heat map!

Ride share
Ride sharing is an ideal web-based application. Think how many people live in the same suburban areas, and commute in their own vehicles to the same downtown locations for a day's work, before crawling back in traffic the same way.

The big challenge to getting people to share their vehicles is personal security. How can you be sure that the person you're picking up in your car (or the person who's picking you up) is who they say they are?

The connected web helps by finding and showing the connecting path between you and them. If you know that they're in the same knitting group as your next-door neighbor Molly, you can easily verify and be secure in their identity.

The world is full of these links - much more full than we think! When we meet someone with whom we share a connection, we say "Small world!". But maybe the world is much smaller than we think!


  1. Groups fit naturally into the connected web structure.

  2. A group is an entity.

  3. The members of the group are other entities.

  4. Membership means there is a reciprocal relationship between the group and each member - the group recognizes and trusts the individual, and the individual recognizes and trusts the group. So membership is a mutual recognition, and therefore under the control of both the group and the member.

  5. Group-level functions, like login to forums or receiving email newsletters, are dependent on the reciprocal relationship being in place.

  6. As an entity with links, the group connects each member to each other through itself. That reflects the real-world mesh of connections.

How might the connected web come about?

I can imagine two channels that could create the connected web:

  1. Commercial interest

  2. The open-source community

Commercial interest
There are massive potential benefits for a company that can create a more connected web architecture. This architecture doesn't replace web 1.0 - it works through it and uses the same technology as is in use today.

The difference is reach. There are only a few companies with long enough reach to build a connected web that could reach a critical mass: Yahoo!, Google, AOL and Microsoft/MSNBC are obvious candidates.

Out of these, I think Yahoo! is by far the strongest candidate, because it has always been in the community-building business, with a great human-centered directory, Groups and Messenger, plus recent acquisitions like Flickr,, and WebJay.

Yahoo! has also recently introduced its 360 suite (currently in beta), whose tag line is "Keep your friends and family connected to you." Sounds like connected web to me!

How long could it take Yahoo! to get the connected web up and running? Probably months. It could start running existing and new services running on the connected architecture within a year.

The challenge to Yahoo! will be internal. For its entire history, Yahoo! has expanded mainly through acquisition, plugging new services into its web-based systems, which has delivered fast growth. Yahoo has only engineered its own systems where there was nothing suitable available on the open market. However, it has done this very well, with a focus on ease-of-use and usefulness, maintaining a coherent user experience.

It already has a common login mechanism, and good APIs across all its services, and has driven innovations like single check-out for all stores in its marketplace. Plus, Yahoo is making good noises about social search (which is almost saying the connected web!).

I don't know whether Yahoo has ever really had to re-architect its fundamental architecture, which has remained much the same (i.e. Web 1.0). The challenge is whether Yahoo's shareholders will judge that it can afford to hold its expansion for long enough to turn into a butterfly. If it can grasp the nettle, I think that Yahoo is ideally positioned to reinvent itself as the dominant online brand for the next 5 or 10 years! I hope they can grasp the scope of the opportunity.

The Open-source community
We shouldn't under-estimate the open-source route. Because the connected web is so simple in architecture (I haven't detailed it all in this article), it would be possible to set up a consortium and agree an initial design and protocols within a year.

It would then be up to individuals, organizations and corporations to co-operate to build and host the infrastructure required to facilitate the connected web. I am convinced that this is possible, with different interests running the identity servers that store ID accounts and the applications that interact with them, and I have developed a model for this.

However, I don't believe that the open-source movement can move quickly enough to win out against commercial interests, because there is too much to gain. I can't honestly see the World Wide Web Consortium (W3C) or other bodies being able to mobilize its affiliates in the same time Yahoo! could motivate its board into action. This is the challenge to the public community.

Only time will tell.

See also Part I and Part II of this essay:
How New Social, Interconnected Applications Give Way To The Untapped Potential Of The Semantic Web
Feb. 4th 2006

The Interconnected Social Web: Feedback, Trust And Reputation Are The Critical Online New Marketplace Components
Feb.14th 2006

About the author:
Ben Hunt, aka the "Web Doctor", is a UK-based interaction design consultant who has been designing software, web sites, and web applications since 1996. Ben runs a small UK-based consulting business called Scratchmedia, and publishes 'Web design from Scratch' to share his passion for designing excellent user interfaces with a worldwide audience. His key mission is to help make the web a better place by learning and sharing the practice of good design.

Ben Hunt -
Reference: Web Design from Scratch [ Read more ]
Readers' Comments    
2006-02-27 04:13:41

Doug Hudiburg

"The world is full of these links - much more full than we think! When we meet someone with whom we share a connection, we say "Small world!". But maybe the world is much smaller than we think!"

I appreciate Ben's insightful look forward as web 2.0 gains speed toward widespread adoption. It emphasizes my personal view that true connectedness through the power of the web is cause for hope that positive social change can come from the latent power of the masses.

Gaining enough true connections to reach a critical mass that tips the scales of power away from the ruling class is nearly impossible for all but the most charismatic of us (Ghandi, King, etc.) without being able to stand on the shoulders of technology.

If like-minded connections can be made seamlessly, globally, and rapidly, we will see positive change on a massive scale.

Thank you, Robin, for bringing this conversation to your audience.

posted by Robin Good on Saturday, February 25 2006, updated on Tuesday, May 5 2015

Search this site for more with 








    Curated by

    New media explorer
    Communication designer


    POP Newsletter

    Robin Good's Newsletter for Professional Online Publishers  



    Real Time Web Analytics