IBM aims to secure ‘mashups’
Applications mashing together Web and voice features are all the rage, but enterprises and service providers have security concerns about opening up APIs that your average Web developer can probably afford to ignore.
IBM this week released technology called SMash (for secure Mashup) that aims to improve the security of such so-called mashups. It works by adding an authentication mechanism by which each contributing Web service can be verified and shown to be trusted. Only then does the application allow API access and permit the script to be executed.
“Security concerns can't be a complete inhibitor or clients lose out on the immense benefit mashups bring,” said Rod Smith, IBM Fellow & Vice President, in a statement.
Mashups work by pulling together Web services from all over the Internet strung together using open, published programming interfaces. While initially a Web phenomenon, a variety of players – from VoIP providers and vendors to mainstream service providers – are opening up APIs to network functionality so voice features can be added to the mashup mix.
IBM is contributing SMash to the OpenAjax Alliance, which it founded. It will be included as part of the upcoming OpenAjax Hub 1.1 standard, slated for release in June.
Another industry effort, OpenSAM (for Open Simple Application Mashups), is setting best practices for mashup creation, including addressing security concerns. Meanwhile, Dataportability.org also addresses mashups as part of its charter, but focuses mainly on data sharing issues.
For SMash to take off, large Web API vendors such as Google, Amazon and Yahoo will need to support the approach and settle on common protocols. The same will need to happen on the communications side for voice features to be part of the secure mashup equation.
IBM plans to include SMash technology in some of its WebSphere application server products as well as its business-focused mashup maker, Lotus Mashups, slated to be available this summer.
IBM will formally debut SMash in a paper presented at the International World Wide Web Conference, in Bejing, China, in April 2008. IBM Research has made initial details available in a technical whitepaper.
Want to use this article? Click here for options!
© 2014 Penton Media Inc.
From the Blog
Join the Discussion
Get more out of Connected Planet by visiting our related resources below:
Connected Planet highlights the next generation of service providers, as well as how their customers use services in new ways.Subscribe Now