Web 2.0 Security     


Web 2.0 Security - Publications

The following article surveys security issues pertaining to AJAX and Web2.0

The following paper describes our approach and prototype for securing mashup type applications.

We also published many ideas in the Web2.0 Security and Privacy Workshops held in conjunction with the IEEE Symposium on Security and Privacy and co-founded by IBM Researcher Larry Koved.

  • Paul A. Karger. Mashups Legitimize Man-in-the-Middle Attacks (paper, slides)
  • Sumeer Bhola, Suresh Chari, and Michael Steiner. Security for Web 2.0 Application Scenarios: Exposures, Issues, and Challenges (paper, slides)
  • Sachiko Yoshihama, Naohiko Uramoto, Satoshi Makino, Ai Ishida, Shinya Kawanaka, and Frederik De Keukelaere. Security Model for the Client-Side Web Application Environments (paper, slides)
  • K. Vikram and Michael Steiner. Mashup Component Isolation via Server-Side Analysis and Instrumentation (paper, slides)
  • Mihai Christodorescu. Private Use of Untrusted Web Servers via Opportunistic Encryption ( paper, slides)
  • Paula Austel, Sumeer Bhola, Suresh Chari, Larry Koved, Michael McIntosh, Michael Steiner, Samuel Weber. Secure Delegation for Web 2.0 and Mashups (paper)
  • Suresh Chari, Larry Koved, and Mary Ellen Zurko. Using Recommenders for Discretionary Access Control (paper, slides)