Skip to content

Security in mashups

August 3, 2009
tags:

 Security in mashups:
Policy level security refers to design -time policies and procedures. This approach doesn’t deal with the primary technology , nor the security tools and technology , but shows the security threats through rules , governance , procedures and education.
To create a securtiy policy for mashups, you need to run through the use cases and also examine how the information and behaviour of the underlying corporate systems should be protected. Most enterprises have existing guidelines for security , including policies that may state that data can’t be transmitted outside the firewall without encryption.
Data-access level security controls access to underlying databases and data stores,ensuring that information leveraged by mashups wont be compromised. while policy applies here as well , this is mostly a matter of technology to provide the protection , or layers of security between the data and mashup.
Security at the data-access level is pretty traditional , including password protection at the database , table and record levels. The mashup must provide identifications in order to consume the data from the data store , but what the mashup does with that information is out of the control of the data-access level security mechanism.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: