Welcome!

AJAX & REA Authors: Marek Miesiac, Loraine Antrim, Liz McMillan, Yeshim Deniz, Chris Fleck

Related Topics: AJAX & REA, Open Source

AJAX & REA: Article

OpenAjax Alliance Announces New Initiatives for Secure Mashups and Mobile AJAX

Industry consortium on AJAX development further commits to security
By RIA News Desk
Article Rating:
September 25, 2007 09:00 AM EDT
Reads:
 9,387

OpenAjax Alliance has revealed new initiatives for secure mashups and mobile AJAX, as well as a new white paper on AJAX security. As AJAX and mashups continue to gain widespread acceptance under the Web 2.0 umbrella, it is critical for organizations to understand these threats and to avoid them by adhering to some best practices.

The alliance has released a new white paper titled "Ajax and Mashup Security," which summarizes the ways in which AJAX applications could be attacked and provides a set of best practice techniques to address each of the vulnerability areas. Available at www.openajax.org, the white paper represents the collaborative efforts of AJAX security experts from multiple companies, and was a joint effort by the OpenAjax Alliance Security committee and the Marketing Working Group.

In addition to a strong focus on security, the OpenAjax Alliance is holding InteropFest 1.0 , which is the final integration testing phase of OpenAjax Hub 1.0. OpenAjax Hub is a small JavaScript library that allows multiple AJAX toolkits to work together on the same page. The central feature is a publish/subscribe event manager, which enables loose assembly and integration of AJAX components. OpenAjax Alliance will deliver both an open specification and a reference open source implementation. Standards are the key to interoperability, and allow the true possibilities of Ajax and Web 2.0 to be realized.

Simultaneous with finalization activities on OpenAjax Hub 1.0, the alliance has begun work on OpenAjax Hub 1.1, which will extend OpenAjax Hub to add support for secure mashups and to enable mediated Comet-style client/server messaging. As with OpenAjax Hub 1.1, the alliance will deliver both a specification and a commercial-quality open source reference implementation. The secure mashup features of OpenAjax Hub 1.1 will isolate mashup components in secure “sandboxes” and use the OpenAjax Hub’s publish/subscribe features to achieve mediated cross-component messaging.

The alliance has also launched its new Mobile Ajax committee, which will focus on both educational materials and technical standards. As part of its Mobile AJAX efforts, OpenAjax Alliance is co-sponsoring a Workshop on Mobile AJAX on Friday September 28 in partnership with the World Wide Web Consortium (W3C).

Published September 25, 2007 – Reads 9,387
Copyright © 2007 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

About RIA News Desk

Ever since Google popularized a smarter, more responsive and interactive Web experience by using AJAX (Asynchronous JavaScript + XML) for its Google Maps & Gmail applications, SYS-CON's RIA News Desk has been covering every aspect of Rich Internet Applications and those creating and deploying them. If you have breaking RIA news, please send it to RIA@sys-con.com to share your product and company news coverage with AJAXWorld readers.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.