One practical real-world solution to Secure Mashups

May 14th, 2007

Dion Almaer points us to a recently released paper [pdf] from Collin Jackson and Helen Wang introducing their research into a new method of Secure Cross-Domain Communication for Web Mashups.

The method is designed to provide secure cross-domain scripting using the tools that are available now, so we don’t have to wait for the next generation of browsers to provide purpose-built mechanisms.

Collin and Helen, along with some other Microsoft colleagues, have also authored another paper entitled MashupOS: Operating System Abstractions for Client Mashups [pdf] that is worth reading.

2 comments to “One practical real-world solution to Secure Mashups”

  1. Interesting that it uses frame/iframe method just like the good old days of JSRS!!!!

  2. […] CrossSafe apparently uses a technique similiar to that described in the Subspace document I blogged about recently. I’m looking forward to inpecting the code since there was no code released with the research paper. […]