Sir Timothy "Tim" Berners-Lee, the Inventor of the Worldwide Web, wants to keep your data on the Internet safe from the people supposed to safeguard it.

His solution: develop a new protocol called "HTTP with Accountability" or HTTPA.

Berners-Lee is leading a team of researchers from the Decentralized Information Group (DIG) at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) in developing HTTPA, a protocol designed to combat the widespread "inadvertent misuse" of data by people authorized to access it.

Like Us on Facebook

DIG is directed by Berners-Lee, who is also the 3Com Founders Professor of Engineering at MIT or the Massachusetts Institute of Technology.

Berners-Lee or Tim BL implemented the first successful communication between a Hypertext Transfer Protocol (HTTP) client and server via the Internet in November 1989. 

HTTPA is based on the counterintuitive concept that a better solution to data misuse or leaks is more transparency and not more security. It will automatically monitor the transmission of private data and allow the data owner to examine how his data is being used.

With HTTPA, each item of private data will be assigned its own Uniform Resource Identifier (URI). Researchers say URI is a component of the Semantic Web that will convert the Web from a collection of searchable text files into a giant database.

Every time the server transmits sensitive data, it will also send a description of the restrictions on the data's use. The server will also log the transaction using the URI in a network of encrypted servers.

The data owner can request an audit that will identify all the people who have accessed his data and what they've done with it. Audit servers can be maintained by a grassroots network.

HTTPA will be voluntary, however. It's up to software developers to follow its specifications when designing their systems.

A paper giving an overview of HTTPA with sample applications such as an experimental health-care records system will be presented at the Conference on Privacy, Security and Trust in July sponsored by the Institute of Electrical and Electronics Engineers.

The MIT researchers say it isn't that difficult to transform an existing website into an HTTPA-aware website.

"On every HTTP request, the server should say, 'OK, here are the usage restrictions for this resource,' and log the transaction in the network of special-purpose servers," said Oshani Seneviratne, an MIT graduate student in electrical engineering and computer science.

She and Lalana Kagal, a principal research scientist at CSAIL, will present the paper at the IEEE conference.

TagsHTTPA, Tim Berners-Lee, HTTP with Accountability