Introduction to Web 3.0

Web 3.0is slated to be the new paradigm in web interaction and will mark a fundamental change in how developers create websites,

You have probably heard the term “web 3.0” floating around the internet. Simply put, web 3.0 is the new phase of the internet’s evolution. The changes that web 3.0 is bringing to the internet is going to take it to a whole new level. Computer scientists and Internet experts believe that these changes are going to make the internet smarter and our lives easier. So, to understand these paradigm-shifting changes, let’s first look at the evolution of the internet as we know it.

Web 1.0

Believe it or not, there used to be a version of the internet that existed before social media and video streaming! This was a time before Google in the mid-to-late ’90s. The internet used to be dominated by AltaVista and Netscape. Back then the internet existed to only advertise their brick-and-mortar companies. These websites were “read-only web,” meaning you were only allowed to search for information and read it.

Most e-commerce websites are still web 1.0 in nature since the concept behind them is simple. Present products to the customers and take money from the ones who are interested. These websites are usually very smooth and fast, however, the level of user interaction is minimalistic.

Web 2.0

The next iteration of the internet was called the “web 2.0” or the “read-write” web. Now, users were not just idle visitors, they could create their own content and upload it to a website. Starting roughly around 2003 when the term was coined by Dale Dougherty, Vice President at O’Reilly Media, web 2.0 has taken over the world by storm. In just over a decade, it has completely redefined marketing and business operations.

Instagram Influencers can make or break a brand by posting one single photo, Yelp reviewers can destroy a restaurant by one single negative review. Audience reviews are critical when it comes to buying decisions. According to a survey, 90 percent of customers reading online reviews before purchasing and 88 percent of them trusting them as much as a personal recommendation.

Web 2.0’s main aim was to make the internet more democratic and make it as user-accessible as possible.

Web 3.0

Every time you buy something on Amazon, the website’s algorithm will look at the other items that people who have purchased your product went on buy and then recommends that to you. So, think about what is going on here. The website is learning from other users what your preferred choices can be and then use it to recommend to you what you may like. In essence, the website itself is learning and becoming more intelligent.

That, in a nutshell, is the very philosophy behind web 3.0. Web 1.0 was primarily driven by content that came from the business or the institution for its customers. Web 2.0 took things a little bit further by allowing users to upload and share their content on the website itself. Web 3.0 allows online applications and websites to receive information that’s on the Web and give new information/data to the users.

The 4 Properties of Web 3.0

To understand the nuances and subtleties of Web 3.0, let’s look at the four properties of Web 3.0:

Semantic Web

Thanks to semantic metadata, Web 3.0 will help in greater connectivity between data. As a result, the user experience evolves to another level of connectivity that leverages all the available information.

Artificial Intelligence

AI will allow websites to filter and present users the best data possible. Currently in web 2.0, we have started taking user opinions to help us understand the quality of a particular product/asset. Think of a website like Rotten Tomatoes where users get to vote on a list of movies. Movies with a higher rating are usually considered “good movies”. Lists like these help us get to the “good data” without going through “bad data.”

3D Graphics

Web 3.0 is going to change the future of the internet develops from the simple 2D web into a more realistic three-dimensional cyberworld. The three-dimensional design is being used extensively in websites and services in Web 3.0 such as online games, e-commerce, real-estate industry etc.

Ubiquitous

Ubiquitous means the idea of existing or being everywhere, especially at the same time i.e., omnipresent. We have already got this feature in Web 2.0. Think of social media websites like Instagram, users capture images on the camera and they can upload and distribute it online where they become their intellectual property. The image thus becomes accessible everywhere aka ubiquitous.

In the next blog we will look at the advantages and disadvantages of Web 3.0 and the various challenges that it has to overcome.

General Security Principle: Introduction

A principle which is a core obligation of information security for the safe utilization, flow, and storage of information is the CIA triad. CIA stands for confidentiality, integrity, and availability and these are the three main objectives of information security. For a deeper look into these objectives, check out our security training classes.

The Application Access Layer defines the notion that access to end-user applications have to be constrained to business ought-to-know
The Infrastructure Access Layer describes the notion that access to infrastructure components has to be constrained to business ought-to-know. For instance, access to servers.
The Physical Access Layer describes the notion that the physical access to any system, server, computer, data centre, or another physical object storing confidential information has to be constrained to business ought-to-know.
The Data In Motion Layer describes the notion that data ought to be secured while in motion.
This little icon in the middle of the illustration shows the centre of information security and the reason for the emergence of the CIA principles; the icon represents information and represents the need to protect sensitive information.

Confidentiality

The aim of confidentiality is to ensure that information is hidden from people unlawful to access it. The confidentiality principle dictates that information should solely be viewed by people with appropriate and correct privileges. The science (and art) used to ensure data confidentiality is cryptography, which involves encryption and decryption methods.

Confidentiality can be easily breached so each employee in an organization or company should be aware of his responsibilities in maintaining confidentiality of the information delegated to him for the exercise of his duties. For instance, if an employee allows someone to take a glimpse of his computer screen while he is, at that moment, displaying confidential information on the computer screen may have already constituted a breach of confidentiality.

Furthermore, confidentiality and privacy are often used interchangeably. Below, we discuss cryptography, operative manners of protecting confidentiality, and we have included some tips on confidentiality agreements.

Cryptography

Cryptography’s beginning can be traced thousands of years ago. However, the contemporary cryptography differs substantially from the classic one, which used pen and paper for encryption and which was far less complex. The establishment of the Enigma rotor machine and the subsequent emergence of electronics and computing enabled the usage of much more elaborate schemes and allowed confidentiality to be protected much more effectively.

Encryption is an accepted and effective way of protecting data in transit but is increasingly being used for protecting data at rest as well. The Computer Security Institute published the results of a survey in 2007, which showed that 71% of the businesses used encryption for various data in transit while 53% used encryption for selections of data at rest. Furthermore, there are different techniques for preserving confidentiality depending on whether the data is in motion, at rest or a physical object. Naturally, access controls are also a necessity for maintaining confidentiality. Access controls can consist of passwords, biometrics, or a mixture of both. As regards to physical data, its means of protection are somewhat similar – access to the area where the information is kept may be granted only with the proper badge or any different form of authorization, it can be physically locked in a safe or a file cabinet, there could be access controls, cameras, security, etc.

Encryption consists of changing the data located in files into unreadable bits of characters unless a key to decode the file is provided. In manual encryption, the user utilizes software and initiates the encryption. In transparent encryption, the encryption happens automatically without any intervention on the side of the user.

Symmetric encryption occurs by utilizing character substitution with a key that will be the only means of decrypting the bits of information. Conversely, asymmetric encryption is used when there are two keys, a public key, and a private key. Any person may encrypt the information with the public key but it can only be decrypted by the holder of the private key.

Watch this space for more information on this topic!

What is Replay Attack?

A replay attack is a class of network attack in which an aggressor detects a data communication and deceitfully has it deferred or repeated. The postponement or repeat of the data transmission is carried out by the sender or by the malevolent entity, who intercepts the data and retransmits it. In other words, a replay attack is an attack on the safety protocol using replays of data transmission from another sender into the proposed into reception system, thereby fooling the members into believing they have effectively completed the data transmission. Replay attacks help attackers to gain access to a grid, gain data which would not have been effortlessly available or complete a replica transaction.

Note: A replay attack is also known as a playback attack.

Averting a Replay Attack

Averting such an attack is all about having the right technique of encryption. Encrypted communications carry “keys” within them, and when they’re deciphered at the end of the transmission, they open the communication. In a replay attack, it doesn’t matter if the aggressor who intercepted the original communication can read or decrypt the key. All he or she has to do is seize and resend the entire thing — communication and key — together.

To counter this possibility, both sender and receiver should establish a completely random session key, which is a type of code that is only valid for one transaction and can’t be used again. Another pre-emptive measure for this type of attack is using time-stamps on all messages. This averts hackers from resending messages sent longer ago than a certain length of time, thus reducing the window of chance for an attacker to eavesdrop, siphon off the message, and resend it.

Another technique to avoid becoming a victim is to have a password for each transaction that’s only used once and superfluous. That guarantees that even if the message is verified and resent by an attacker, the encryption code has perished and no longer works.

XcelToken Upgrade Announcement

It is imperative for us at XcelLab to provide you with the best, most secure token possible and due to this we are now upgrading the features and security of XcelToken. XcelLab is driven to make sure that you can make the most of the token- not only through trading but also with the ability to use it in your day to day transactions, making your life simpler.

We are now upgrading XcelToken, due to abundance of caution, improved functionality and security. A smooth and seamless relocation will take place form the 10^th to the 15^th of May, 2019. After this upgrade you will be able to trade in XcelToken on eight different platforms from the 15^th of May, 2019, aside from the trading, XcelToken is adopted into usage on XcelTrip– an online travel booking platform where you can check-in at over 800,000 hotels and book tickets with over 400 airlines, XcelPay– a merchant POS and digital payment wallet through which you can now recharge your phones with 900 different carrier services and in 160 countries, with cryptocurrency. With many more use-cases to follow.

You may be wondering if this upgrade would affect the value of the token negatively, XcelLab assures you that the value of the token will remain the same and the upgrade is merely to make sure that you, our customer receives a token that possesses maximum security.

Keep your eyes open for more information that is to follow.

We thank you for your patience and cooperation.

Note- Please do not move your XcelTokens from your wallets from the 10^th to the 15^th of May, 2019.