[unisog] WEB2.0 Security Issues
bobmah at MIT.EDU
Thu Jan 25 03:56:11 GMT 2007
One possible area of concern is in mashup security. Whatever the
data sources/service offerings are, crossing boundaries of control &
security assumptions always offers possibilities for the Wrong Thing
What Valdis and Adam said is right on, but while we may have the same
sorts of threats, it might not always be obvious how many web
services came together to return a given page. So the chance that
server maintainers have made mistakes multiplies.
As campus developers start routinely using and offering data access
and web app APIs, some awareness of potential problems is a good thing.
There were some security discussions at mashup camp last week (http://
mashupcamp.com) but they don't seem to be in the wiki as yet.
More information about the unisog