Ajax alliance to secure mash-ups

The OpenAjax Alliance has put forth an aggressive roadmap for securing and interoperating AJAX tools and mash-ups.

Share

The OpenAjax Alliance has put forth an aggressive roadmap for securing and interoperating Ajax tools and mash-ups.

Speaking at the AjaxWorld conference in California, Jon Ferraiolo, OpenAjax operations manager and an IBM web architect, detailed the upcoming release of the OpenAjax Hub 1.0 and the follow-up 1.1 release. Ferraiolo also discussed the OpenAjax Registry and IDE accommodations for Ajax.

With the hub, the alliance aims to iron out interoperability issues between Ajax tool-kits.

"Sometimes, they actually prevent each other from working. They step on each other," Ferraiolo said.

Developers can use the hub to integrate multiple tool-kits within the same web page while tool-kit developers can use it to allow tool-kits to talk to other tool-kits. While the 1.0 hub is useful in mash-up scenarios where all components come from a trusted source, version 1.1 adds a security layer for untrusted components to protect from any components that might be malicious.

The 1.0 version of the hub, to include Ajax library registration and a publish-and-subscribe engine, is due by the end of this year. Version 1.1 is planned for approval next year, although a full implementation is slated to be ready by the end of 2007.

"One of the key features [in version 1.1] is secure mash-ups," said Ferraiolo. "It's very much a security-focused enhancement providing a secure mash-up framework," he said.

IBM-contributed technology called SMash, for Secure Mashups, is being included in version 1.1. It provides for secure handling of third-party mash-up components.

Find your next job with computerworld UK jobs