Tuesday, April 22, 2008

Securing User-Centric Mashup Applications


Here is a little whitepaper written primarily by Sigbjorn with help from me and Eric from Galois

Abstract
Having the ability to easily combine together information from a number of disparate input sources into a greater whole is a touted benefit of 'Web2.0' mashup applications. They have great promise as flexible, and user-tailored ways to both disseminate and collaborate on information on the web, but with today's web technology, face a number of security risks when being asked to also aggregate restricted information sources. This paper introduces the domain and what these risks are, along with suggested mashup application architectures that are more secure.

No comments:

Post a Comment