Towards Security-Enhanced and Privacy-Preserving Mashup Compositions

H. Hobel, J. Heurix, A. Anjomshoaa, E. Weippl:
"Towards Security-Enhanced and Privacy-Preserving Mashup Compositions";
Vortrag: 28th IFIP TC-11 International Information Security and Privacy Conference (SEC2013), Auckland, New Zealand; 08.07.2013 - 10.07.2013; in:"Security and Privacy Protection in Information Processing Systems - 28th IFIP TC 11 International Conference, SEC 2013, Auckland, New Zealand, July 8-10, 2013. Proceedings", Springer-Verlag GmbH, Vol 405 (2013), ISBN: 978-3-642-39217-7; S. 286 - 299.

[ Publication Database ]


In recent years, there has been an emerging trend towards people building their own sophisticated applications to automate their daily tasks without specialized programming knowledge. Enterprise mashups facilitate end usersĀ“ development of applications in a business context autonomously or with minimal support from the software engineering staff. Hence, mashup solutions are aimed at exploiting the full potential of end usersĀ“ software development. However, the use of mashup solutions for business tasks gives rise toseveral security and privacy-related questions, since sensitive data records could be created even with simple procedures. In this paper, we propose an approach where security rules for mashup compositions can be defined, and submitted mashups are automatically evaluated for compliance with the respective policies.