Security Assurance for Web Device APIs

There are many obvious reasons why web developers would like enhanced access to the facilities of the client platform. It is equally obvious that such access represents an enormous potential threat: if the solution is designed or implemented incorrectly, assorted security and privacy problems could result, ranging from loss of personal privacy to the complete takeover of the host platform. Accordingly, strong protections must be designed in from the beginning. The paper does not claim to have a complete solution. Rather, the author wishes to propose certain design principles. The paper focuses on two areas: usability of the human interface, and guarantees that the browser is suitably isolated from all but authorized devices.