Special Offers
- IGI Global’s New Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 17 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
Open Access
- View All Open Access Opportunities
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all of IGI Global’s available open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through IGI Global’s Restrospective Open Access Program.
  Utilize Open Access Content
  Open up your research potential by utilizing IGI Global's open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open accesss endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global to publish your work under open access? Review IGI Global’s open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us
Newsroom

Threat Modeling: Securing Web 2.0 Based Rich Service Consumers

Nishtha Srivastava, Sumeet Gupta, Mayank Mathur

Source Title: Web Services Security Development and Architecture: Theoretical and Practical Issues

DOI: 10.4018/978-1-60566-950-2.ch011

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

This research work proposes a threat modeling approach for Web 2.0 applications. The authors’ approach is based on applying informal method of threat modeling for Web 2.0 applications. Traditional enterprises are skeptical in adopting Web 2.0 applications for internal and commercial use in public-facing situations, with customers and partners. One of the prime concerns for this is lack of security over public networks. Threat modeling is a technique for complete analysis and review of security aspects of application. The authors will show why existing threat modeling approaches cannot be applied to Web 2.0 applications, and how their new approach is a simple way of applying threat modeling to Web 2.0 applications.

Chapter Preview

Top

Introduction

One of the major trends in the IT industry today is the adoption of Service Oriented Architecture (SOA) in building applications leading to a flexible and standardized architecture for better collaboration and sharing of data among various applications. The evolution of Web 2.0 technologies such as blogs, wikis, podcasts, RSS, etc. has emerged as a key facilitator for creating rich service consumer ecosystems to augment the benefits of SOA including interoperability, reuse and standardization. This has expanded the reach of SOA with rich interactive controls and adoption of Web 2.0 tools and services to access content for any user at any time through any channel.

What is Web 2.0?

Web 2.0 is a term coined by Tim O’Reilly describing changing trends for using World Wide Web (www) as a platform to facilitate information collaboration. These concepts have led to the development and evolution of web-based communities such as social-networking and video sharing sites, content generation tools and services such as wikis, blogs, podcasts, content tagging and aggregation. Other key concepts that have emerged include web syndication like RSS and Mashup applications, which combine content from more than one source for an integrated experience. Although the term Web 2.0 suggests a new version of the web, it does not refer any update to technical specifications, but to changes in the way software developers and end-users utilize the web.

Web 2.0 is basically a new way to use existing Internet technologies— such as XML and JavaScript—to enable participation, interaction, and collaboration among users, content providers, and businesses, rather than just the traditional viewing of static web pages, said Hewlett-Packard security evangelist Michael Sutton. (Lawton, n.d.)

Evolution of Web 2.0 Based Technologies and Systems

Application development has evolved over the years from purely desktop application to purely web application to what is now an application nurturing the best of the both i.e. RIAs. The result of this has blurred the line between purely desktop and exclusively web applications. Historically, the web had been a largely unidirectional, designed as a medium for print content. Web was adopted as means of content sharing and small-scale data exchange via e-mail, corporate sites, and so forth. But it was not architected as a responsive writable means to leverage as a platform and a common working place. Although client-server computing idea of separating user interfaces (UI) from business logic and data persistence was good, the UIs tight coupling restricted choice of server-side technology. To overcome these shortcomings there was a requirement to effectively utilize web as a Content Management Workplace. It was required to capture, deliver, customize, and manage web content across an enterprise/division and so evolved Web 2.0 technologies.

This evolution led to the development of functionally rich and responsive applications using web as a platform rather than the typically static pages of traditional web technologies. These applications run on some complex set of technologies such as Asynchronous JavaScript and XML (AJAX), Flash, JavaScript Object Notation (JSON), Simple Object Access Protocol (SOAP), Representational State Transfer (REST). These technologies along with cross-domain information access contributed in empowering the client. This allowed end-users to add, generate and share content onto web in real time. This facilitated co-creation of ideas by information sharing and collaborative development which led to the development and evolution of web-based communities and hosted services, such as social-networking sites, video sharing sites, wikis and blogs.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference