Skip to Main Content
Securing Ajax Applications
book

Securing Ajax Applications

by Christopher Wells
July 2007
Intermediate to advanced content levelIntermediate to advanced
256 pages
6h 19m
English
O'Reilly Media, Inc.
Content preview from Securing Ajax Applications

Security and Web Services

Like the Web itself, web services were not created with security in mind. And like the Web itself, attempts have been made to staple security on to web services now that it's needed.

The central problem is that web services want to talk to each other. They are designed to be used and reused in multiple different ways. They advertise themselves and promote their functionality. So, when all you want to do is talk to each other, implementing anything that gets in the way of that communication—such as security—is undesirable.

To make matters worse, applications, components, and services can be discovered without a prior business relationship. What do we do about authentication, authorization, nonrepudiation, and data integrity?

As people deploy more applications using web services applications that used to be strictly only on the internal intranet are now finding their way onto the public Internet. These applications then open up data and functionality to promote use and reuse. But if care is not taken, these web services can be huge security risks.

So, how do we do it securely? Where do we start? First we need to figure out who our users are. Who are we exposing data and services to? Who wants to know? How do we know who they are?

Identification

Hey, buddy, let's see some I.D. Identification is the means by which a web service can know who or what is calling it. Much like a bouncer at the local bar, a web service needs to validate identity at the door. Identity, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ajax Security

Ajax Security

Billy Hoffman, Bryan Sullivan
Firefox Hacks

Firefox Hacks

Nigel McFarlane

Publisher Resources

ISBN: 9780596529314Errata Page