OpenAjax Adds Security, Mobility To Web 2.0 Apps

The industry group looks to improve mashup security and open up APIs for mobile devices with an update to its publish/subscribe platform.

Terry Sweeney, Contributing Editor

March 17, 2008

2 Min Read
InformationWeek logo in a gray background | InformationWeek

The OpenAjax Alliance on Monday updated its publish/subscribe platform, and unveiled Mobile Ajax for mobile devices at the AjaxWorld conference in New York.

Ajax -- asynchronous JavaScript and XML -- powers most Web 2.0 applications, including mashups, as well as gadgets, which can be placed on Web pages or social networking sites to show weather, incoming mail or other highly customized content. But like any other code, mashups and gadgets are vulnerable to malicious attacks. Ajax-based content also hasn't penetrated the mobile world much, the alliance said.

The alliance's newly revamped framework, OpenAjax Hub 1.1, extends the publish/subscribe features and allows incorporation of untrusted mashup components, known as widgets, from third parties. Using IBM's Smash technology, untrusted widgets are isolated into IFrames and can only communicate with the rest of the mashup through a secure, mediated message bus. Later, the alliance expects to issue standard API for OpenAjax Hub 1.1, along with a commercial-ready open source JavaScript reference implementation, the group said, in a statement.

Mobile Ajax, its other initiative, is intended to broaden use of Ajax on mobile phones. Many Ajax-powered mobile applications require integration with the phone's operating system for physical location or for one-touch dialing, for example. To address the OS integration requirement, the Mobile Ajax committee will establish use cases, requirements, and characterize the requirements of the security effort, with likely follow-on efforts to pursue industry standards and/or open source, the alliance explained.

"By unifying the industry around a common approach, and defining the security requirements, OpenAjax Alliance's efforts will help propel the next-generation of mobile applications," said Brad Sipes, CTO and vice president of engineering for Ikivo, and a co-chair of the Mobile Task Force at OpenAjax Alliance.

Vodafone is also working with the task force to develop new Web-based services and applications, the carrier said.

Read more about:

20082008

About the Author

Terry Sweeney

Contributing Editor

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report.

In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations.

Sweeney is also the founder and chief jarhead of Paragon Jams, which specializes in small-batch jams and preserves for adults.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights