Security of Web Mashups: A Survey
نویسندگان
چکیده
Web mashups, a new web application development paradigm, combine content and services from multiple origins into a new service. Web mashups heavily depend on interaction between content from multiple origins and communication with different origins. Contradictory, mashup security relies on separation for protecting code and data. Traditional HTML techniques fail to address both the interaction/communication needs and the separation needs. This paper proposes concrete requirements for building secure mashups, divided in four categories: separation, interaction, communication and advanced behavior control. For the first three categories, all currently available techniques are discussed in light of the proposed requirements. For the last category, we present three relevant academic research results with high potential. We conclude the paper by highlighting the most applicable techniques for building secure mashups, because of functionality and standardization. We also discuss opportunities for future improvements and developments.
منابع مشابه
ایجاد نیمه خودکار مشاپ های سازمانی با استفاده از توصیفات معنایی
Mashups are next generation of web applications. A mashup is a lightweight web application that is created by combining information or capabilities from more than one existing resources to deliver a new and integrated experience to the user. Mashups introduce a new class of integration techniques in enterprises for implementing situational applications (i.e. applications that come together to s...
متن کاملSecurity of Web Mashups: a Survey
Evolution of Web 2.0 applications has changed the outlook of business models and companies. Organizations need to rethink their communication, marketing and s ale channels and how their employees and customers interact together internally and externally. Following this new trend, they also need to adopt their IT infrastructure and enhance their online presence and services in order to stay comp...
متن کاملBuilding Secure Web Mashups
Web applications that integrate content from multiple web sites within the user’s browser are becoming increasingly common. Although the socalled “same-origin policy” was designed to prevent such interactions from occurring, these applications, known as web mashups, use a variety of means to circumvent this policy. While mashups are quite popular among web users, they expose users to a variety ...
متن کاملMashup: a New Way of Providing Web Mapping/gis Services
Recent development of Google Map, Yahoo! Map and MapQuest APIs have pushed map mashups almost to the top among other types of mashups such as news mashups, search and shopping mashups, and video and photo mashups. However, map mashups should not reply on these open data sources and services only. Developing a mashup in general faces a number of challenges. These include: 1) the difficulties in ...
متن کاملTowards Semantic Mashups: Tools, Methodologies, and State of the Art
Semantic Mashups constitute a relatively new genre of applications that illustrate the combination of the current trends of the Web, i.e. the Semantic Web and Web 2.0. The great benefit of Semantic mashups lies in the ability to aggregate different and heterogeneous data with rich semantic annotations and due to this, an additional ease of integration. In this paper, the authors attempt to outl...
متن کامل