Sciweavers

Share
WWW
2007
ACM

Subspace: secure cross-domain communication for web mashups

9 years 10 months ago
Subspace: secure cross-domain communication for web mashups
Combining data and code from third-party sources has enabled a new wave of web mashups that add creativity and functionality to web applications. However, browsers are poorly designed to pass data between domains, often forcing web developers to abandon security in the name of functionality. To address this deficiency, we developed Subspace, a cross-domain communication mechanism that allows efficient communication across domains without sacrificing security. Our prototype requires only a small JavaScript library, and works across all major browsers. We believe Subspace can serve as a new secure communication primitive for web mashups. Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and Protection--Unauthorized Access General Terms Design, Security, Performance Keywords access control, trust, web services, same origin policy
Collin Jackson, Helen J. Wang
Added 21 Nov 2009
Updated 21 Nov 2009
Type Conference
Year 2007
Where WWW
Authors Collin Jackson, Helen J. Wang
Comments (0)
books