We have commonly used to listening the term “standards” for accounting, auditing or quality assurance. The term “standard” is sometimes restricted to technologies approved by formalized committees that are open to participation by all interested parties and operate on a consensus basis. However, Open standards, either unowned or owned by a collective body are the standards giving level playing field to all in terms of reduction of cost and shrinking off protocols to go for initiatives and yet the best part of it that they make websites more visible, accessible from everywhere around the world. They can be freely adopted, implemented and extended, publicly shared and not tightly guarded. Three prominent attributes of the open standards include ease of understanding, implementation and availability to use without any incremental costs/royalty payments.
A more open standard tends to occur when the knowledge of the technology becomes dispersed enough to increase the competition to such an extent that the others are able to start copying the technology as they implement it. Open standards are helpful in free communication against the proprietary standards which consume a lot of cost, time & effort. Particularly at executive levels where effective & efficient decision making is dependent on large data flows effectively handled by them. These standards can assure data retrieval over the long run i.e. 10, 20 or even 100 years after its creation. Further, Government to Government & Citizens to Government interaction create enormous data which cannot be of proprietary nature.
Renowned organizations like Redhat Linux is one of the biggest supporters as these standards are developed by a standard body or even by the organization which are later on adapted by standard body. Examples of few widely used open standards include TCP/IP, OSI Model, NIST, IEEE Standards, HTML, XML etc. These address a wide range of topics from risk management to quality control of deliverables.
From open standards it sounds like why would one use it, when they are open? Means they have all in common so can be breached or overridden so impart zero security. However, the substance over form is that they focus security to a much greater extent to nullify this perception by embedding or extending security features in them. Open source hardware, software, formats and systems are prevalent now-a-days.
The Internet is for everyone.
This remains the Internet Society’s vision. Yet nearly half the people in the world still remain unconnected. Those who are connected face new and growing challenges to fully realizing the Internet’s potential. Even as more people come online, it is critically important that the Internet platform should enable people to connect, communicate, and innovate.
We believe deeply that the Internet must be open, globally-connected, secure, and trustworthy.
Globally connected means that any part of the network can communicate with any other part by using the same open standards and protocols. While no system as broad and diverse as the Internet, therefore, it should be completely secure, vulnerabilities and threats must be mitigated to acceptable risk levels, and design and deployment of services must follow the best practices we know. Trustworthiness requires the Internet to work in a resilient, reliable, and accountable way that consistently meets users’ expectations.
How do you make your web server as secure as possible – while using the latest open security standards? How do you ensure your web site is available to everyone across all the global network of networks that is the Internet?
For the Internet to remain open, globally-connected, trustworthy, and secure, we believe the networks and servers that make up the Internet need to be based on the latest and most secure standards coming out of the Internet Engineering Task Force (IETF).
Many web server administrators may want to support the latest standards and protocols, but they don’t know how, and don’t necessarily have the time to figure it out. Web site administrators may not be aware of the latest open standards, or may not know why they should support these standards.
By the end of 2020, ISOC’s goal is to see an increase in security and availability of web servers across the Internet through the usage of TLS, DNSSEC, IPv6, and HTTP/2 which can be confirmed using the Internet.nl test suite.
Objectives of the project include the following:
- • Build a set of reference web servers showing best practices using apache and nginx, with and without a content delivery network (CDN). Two of the servers are set up as “regular” web servers running on virtual machines. Two of the servers are set up behind a content delivery network (CDN).
- • Document exactly what is to be done to implement the standards, pointing to other excellent resources as well. (GitHub is a platform offering various services of secure development, Code review, Apps, Hosting, Project management, Team management.)
- • Promote that documentation, along with additional resources explaining why these standards are so important for website operators.
- • Lead by example and work to make sure all ISOC-operated sites use these latest standards. ISOC has built four reference servers. All of these servers are being configured to achieve 100% on the Internet.nl website test suite.
On 12 Feb 2020, the two non-CDN sites are at 100% in the tests. The two CDN sites are at 97% while ISOC is getting some changes made to the TLS configuration (dropping support for TLS 1.0/1.1) in the CDN. All four servers support HTTP/2.
In subsequent years ISOC intends to focus on mail servers, time servers, communications servers, and more.
Open standards are a hot topic in European countries, however, Asia Pacific region is just started to explore. The two important developing countries Pakistan & India have introduced their people with this term. India defined open standard as the standard which will be adopted and maintained by a not-for-profit organization, wherein all stakeholders can opt to participate in a transparent, collaborative and consensual manner.
Pakistan is has just announced Digital Pakistan Policy Strategy (2018) whereby a commitment is made to accelerate adoption of IoT, FinTech, Artificial Intelligence & Robotics and enable cost effective introduction of new technologies, including open standards efforts, targeted federal funding, and impactful public- private partnerships. Further, skills and capabilities within
government will be enhanced to evaluate open source ICT products and services as an option ensuring fair consideration of both types of software i.e. open source and proprietary during
the procurement processes. It also pledges encouraging R&D of “Open Source” across the country through appropriate means.
FOSS movement is also playing an important role in Library information system.
Over the next few years, open standards will be making their way forward with the growth & extension of internet & the pace of knowledge accumulation.
