Security in a Web 2.0 World

Security in a Web 2.0 World

Richard T. Barnes (SunGard Higher Education, USA)
Copyright: © 2009 |Pages: 10
DOI: 10.4018/978-1-60566-122-3.ch005
OnDemand PDF Download:
No Current Special Offers


Web 2.0 has brought enumerable benefits as well as daunting problems of securing transactions, computers, and identities. Powerful hacker techniques, including cross-site scripting (XSS) and cross-site request forgery (CSRF), are used to exploit applications to reveal and steal, at the worst, confidential information and money, or, at the least, cause trouble and waste time and money for reasons that may be best described as fun or simply possible to do. The people interested in transgressing Web 2.0 applications do so for money, prestige, or for the challenge. An infamous hacker from the early days of the Internet now heads his own Internet security company. A more recent hacker of some infamy has created a stir of concern and consternation as to how pervasive and potentially destructive hacker attacks can be. Securing Web 2.0 applications requires a multifaceted approach involving improved code development standards, organizational policy changes, protected servers and workstations, and aggressive law enforcement.
Chapter Preview


It is perhaps ironic that the following definition for application security comes from one of the best known wikis, Wikipedia. Application security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system through flaws in the design, development, or deployment of the application. This definition is an excellent start in addressing a very large problem. However, it does not really tell us why; that is, why is it necessary to prevent exceptions to security policy?

A broader definition may help. There are several definitions of the word security: The freedom from danger or the freedom from fear and anxiety are two variants that tell us why application security is so important to Web 2.0 applications. Identity theft, corporate espionage or sabotage, and/or simple maliciousness are certainly enough to give most of us some pause or anxiety. Application security, as it relates to Web 2.0, is now an area of great attention because of our collective need to be free of these dangers.

A confluence of factors has complicated our lives as Web 2.0 becomes a more significant presence. The graphics-rich functionality, collaboration, and opportunities have not only yielded “serendipitous innovation” (Tapscott & Williams, 2006), but less desirable consequences, too.

Complete Chapter List

Search this Book: