search query: @keyword Ajax / total: 37
reference: 8 / 37
Author: | Rahman, S. M. Moshiur |
Title: | AJAX and Mashup security |
Publication type: | Master's thesis |
Publication year: | 2010 |
Pages: | [8] + 67 Language: eng |
Department/School: | Informaatio- ja luonnontieteiden tiedekunta |
Main subject: | Tietokoneverkot (T-110) |
Supervisor: | Aura, Tuomas |
Instructor: | Tarkoma, Sasu ; Sarjakoski, Liia |
OEVS: | Electronic archive copy is available via Aalto Thesis Database.
Instructions Reading digital theses in the closed network of the Aalto University Harald Herlin Learning CentreIn the closed network of Learning Centre you can read digital and digitized theses not available in the open network. The Learning Centre contact details and opening hours: https://learningcentre.aalto.fi/en/harald-herlin-learning-centre/ You can read theses on the Learning Centre customer computers, which are available on all floors.
Logging on to the customer computers
Opening a thesis
Reading the thesis
Printing the thesis
|
Location: | P1 Ark Aalto 6921 | Archive |
Keywords: | Web 2.0 AJAX Mashup XSS CSRF |
Abstract (eng): | One of the core components of Web 2.0 applications is AJAX. The use of AJAX has transformed the web into a super platform. But this technological change has also given new types of worm and virus, such as Yamanner and Samy. Different web applications like Google, Yahoo and MySpace have experienced new vulnerabilities. Web applications that combine data from different sources are becoming increasingly useful. An AJAX mashup is a hybrid application. It uses AJAX techniques to present a rich user interface and updates content that it retrieves asynchronously from different sources or content. Current browser security models were not designed to support such applications. Mashup brings new security issues which provide different ways of attacks if proper security policies are not exist in web application. Web 2.0 applications also increase the possibility of different kinds of attacks such as Cross-site scripting (XSS). Cross-site Request Forgery (CSRF) and JavaScript Hijacking etc. This thesis focuses on the AJAX and Mashup security. The most important technologies used in creating mashups, like AJAX, and the basic functionality behind the mashups are introduced briefly. After that the security issues concerning the technologies, the principles of mashups and the current security model of web browsers are discussed. Also, prevention methods against different vulnerabilities are described in this thesis. |
ED: | 2011-05-05 |
INSSI record number: 41636
+ add basket
INSSI