群件中的Ajax安全性

32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06) Pub Date : 2006-08-29 DOI:10.1109/EUROMICRO.2006.18

M. Sonntag

{"title":"群件中的Ajax安全性","authors":"M. Sonntag","doi":"10.1109/EUROMICRO.2006.18","DOIUrl":null,"url":null,"abstract":"Ajax is a new model for Web applications to provide more responsive and faster user interfaces resembling more closely that of applications. Typical usage areas are user input validation without page submission, integrating small elements from several servers on a single page, and simulating push-services. Especially the latter are promising for enhancing groupware applications and for realizing them directly in browsers without plug-ins or additional software. The Ajax programming model introduces new security issues, which could be especially dangerous as they were not fully accounted for in previous threat models or considered as of less importance. This paper investigates the security implications of Ajax and discusses possible solutions with a special focus on the context of groupware. It explains security issues which are inherent to the Ajax programming model or are exacerbated through it, and which especially affect cooperative application","PeriodicalId":213772,"journal":{"name":"32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Ajax Security in Groupware\",\"authors\":\"M. Sonntag\",\"doi\":\"10.1109/EUROMICRO.2006.18\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Ajax is a new model for Web applications to provide more responsive and faster user interfaces resembling more closely that of applications. Typical usage areas are user input validation without page submission, integrating small elements from several servers on a single page, and simulating push-services. Especially the latter are promising for enhancing groupware applications and for realizing them directly in browsers without plug-ins or additional software. The Ajax programming model introduces new security issues, which could be especially dangerous as they were not fully accounted for in previous threat models or considered as of less importance. This paper investigates the security implications of Ajax and discusses possible solutions with a special focus on the context of groupware. It explains security issues which are inherent to the Ajax programming model or are exacerbated through it, and which especially affect cooperative application\",\"PeriodicalId\":213772,\"journal\":{\"name\":\"32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)\",\"volume\":\"78 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-08-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EUROMICRO.2006.18\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EUROMICRO.2006.18","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 14

摘要

Ajax是Web应用程序的一种新模型，它提供了与应用程序更接近的响应更快的用户界面。典型的使用领域是不提交页面的用户输入验证，在单个页面上集成来自多个服务器的小元素，以及模拟推送服务。特别是后者有望增强群件应用程序，并直接在浏览器中实现它们，而无需插件或其他软件。Ajax编程模型引入了新的安全问题，这些问题可能特别危险，因为它们在以前的威胁模型中没有得到充分考虑，或者被认为不太重要。本文研究了Ajax的安全含义，并讨论了可能的解决方案，特别关注群件的上下文。它解释了Ajax编程模型固有的或通过它而加剧的安全问题，这些问题特别影响协作应用程序

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Ajax Security in Groupware

Ajax is a new model for Web applications to provide more responsive and faster user interfaces resembling more closely that of applications. Typical usage areas are user input validation without page submission, integrating small elements from several servers on a single page, and simulating push-services. Especially the latter are promising for enhancing groupware applications and for realizing them directly in browsers without plug-ins or additional software. The Ajax programming model introduces new security issues, which could be especially dangerous as they were not fully accounted for in previous threat models or considered as of less importance. This paper investigates the security implications of Ajax and discusses possible solutions with a special focus on the context of groupware. It explains security issues which are inherent to the Ajax programming model or are exacerbated through it, and which especially affect cooperative application

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

32nd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO'06)

自引率

0.00%

发文量