More Scary News on Web 2.0, Mashups | Blogs | ITBusinessEdge.com

Newsletters Welcome, Guest Log In | Register

Data and Telecom

Companies’ communications strategies must be agile in a rapidly evolving market

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

Recent Posts

0

More Scary News on Web 2.0, Mashups

Posted by Carl Weinschenk Mar 27, 2008 2:09:00 PM

I blogged a little earlier in the day about bad news from WhiteHat Security about threats opened up by new Web 2.0 technologies.

WhiteHat is not alone.

The press release describing Websense's ThreatSeeker Network, which was introduced this week, takes the position that the proliferation of highly interactive collaborative Web 2.0 and related applications overwhelms traditional signature-based antivirus techniques. Instead, ThreatSeeker relies on a grid computing and its "Internet HoneyGrid" to assess what actually is happening on the Internet. This information is relayed to customers' data and security products through the Websense Web.

Mashups, a family of Web 2.0 applications that is starting to permeate the enterprise, are particularly risky. This JackBe piece delineates four elements of mashups, all of which pose security challenges: Mashups are created by end users; potentially are shared with folks outside the firewall; are created from different sources, some of which may be outside the firewall; and use a variety of interface formats.

The blogger proposes three criteria for enforcing security. The three elements mostly deal with the way in which identities and authorization are handled across the various elements of the mashup. The explanations are a bit complex, but the basic idea is that a way must be built into to the system that enables control of access rights.

Sphere: Related Content Print 0 Comments Permalink

Social Web
Send Email

To ShareThis, click on a service below:

Digg

del.icio.us

Email this article to a friend

X

Related Content

Topic: Application Security

[ Blog ] IT Needs to Get Control over IPhone Security
[ Article ] Beta Doesn't Always Mean Bad
[ White Paper ] What Every Executive Needs to Know about Application Security

Topic: Network Security

[ Blog ] Communicating E-Commerce Security Efforts with Consumers
[ Article ] NSF Problem Proves Basic Content Filtering No Longer Enough
[ White Paper ] Bullet-Proofing Instant Messaging

Add a comment Leave a comment on this blog post.

There are no comments on this post

Related Content

Topic: Software and Web Development

Keeping projects on target, on schedule and under budget is a serious challenge

Blog: Collaboration Is Key to Taking Agile Development Offshore

Article: Project and Portfolio Management Keeps Development on Track

White Paper: Managing Best Practices in the World of PL/SQL Development

Related Topics

Application Security, Network Security, Web Applications

Featured White Papers

Reduce Cost and Improve Service Levels with Application Performance Monitoring Simplification

Join Mary Johnston Turner, IDC Research Director, and John Frech, IBM VP, as they discuss the importance of a simplified and effective approach to application performance monitoring.

The IBM Rational Jazz Strategy for Collaborative Application Lifecycle Management

This white paper discusses the Jazz project, a set of integrated tools and processes that help people working on distributed teams become more effective in producing software solutions.

Resource Centers

: Power Supply Solutions

Comprehensive power protection solutions.
: Data Deduplication

Data manipulation strategies that make data stores more manageable and reduce the need for storage capacity and its associated costs.

Featured Whitepapers

Minimizing the Impact of Economic Difficulties by Migrating from DAS to Networked Storage
: Responding to Change

The technology tips and tools to enhance your ability to respond to business change with ease and success.

Featured Whitepapers

Driving Business Agility Through SOA Connectivity and Integration
: Security SaaS Solutions

Hosted security solutions that not only protect your data, but reduce your security management TCO, as well.

Featured Whitepapers

Why Security SaaS Makes Sense Today

Premium Tools

Windows 7 Upgrade Project Kit

Moving to Windows 7? The Windows 7 Upgrade Project Kit is the ideal support tool for managing all phases of an organizational upgrade to Windows 7. The tools and templates in this kit will help you develop a strategy and map out the implementation tactics which link your Windows 7 deployment to your company's bottom line.

Strategic IT Planning & Governance Best Practices Guide

Use this guide — along with the more than 60 templates included — to ensure the overall success of your entire IT department.