3.1.5 Delegation of Authorisation Rights
Web 2.0 applications which aggregate other services often need authorisation to access sensitive information. A classic example is the delegation of authorisation to access an email address book to
a social networking application. Another example is a service which aggregates different Internet banking services into one page.
Web 2.0 Security and Privacy
[Figure: delegation of authorisation rights using a limited access ticket. Diagram labels: Web Provider 1; Access Control Rules; Data; User; Limited Access Ticket; Web Application Widget; Personal Data.]
4 Typical Web 2.0 Application Scenarios and their Security-relevant Features
4.1.1 Mashups
Mashups build new web services by combining data and components from existing web applications. When the underlying services require user authentication, a mashup user must grant the mashup
access to his or her underlying accounts. For example, consider a mashup that reads the header information for all spam messages in a user's Yahoo Web Mail account and plots the geographic
origin of each message using Google Maps. To use this system, the user must currently give his or her Yahoo mail password to the mashup system and hope that the mashup software behaves as
advertised.
An early and well-known example of a mashup is Chicagocrime.org, which allows a user to search a database of crimes reported in Chicago and see where they took place, filtering results by
location, type of crime, district, and date, and viewing details of the crime on the map. This is typically used by people considering buying a property in a specific area.
Note that online advertising networks may also be classed as mashups since they integrate data from many sources and deliver a service based on this data within a single page.
4.1.2 The Same Origin Policy – Example Scenario
An important feature of most Web 2.0 scenarios is the same-origin policy. This is a cornerstone of browser security. It prevents a document or script loaded from one origin from manipulating
properties of, or communicating with, a document loaded from another origin. Here the term origin refers to the combination of the protocol, the fully-qualified domain name and the port of the site hosting the
document. The following table demonstrates how the same-origin policy would handle document manipulation by a script originating from
http://www.example1.com/exampledirectory1/page.html .
Target URL                                                              Outcome   Reason
http://www.example1.com/exampledirectory2/page.html                     Success   Same origin (different path only)
http://www.example1.com/exampledirectory1/exampledirectory2/page.html   Success   Same origin (different path only)
https://www.example1.com/exampledirectory1/page.html                    Failure   Different protocol
http://www.example1.com:81/exampledirectory1/page.html                  Failure   Different port
http://host2.example1.com/exampledirectory1/page.html                   Failure   Different host