Tuesday, May 01, 2007

Web 2.0 Security and Financial Services

Help Net Security had an article this week detailing the security issues around Web 2.0 for financial institutions. It said that banks and other financial companies, which have been grabbing on to Ajax and other Web 2.0 technologies, need to be careful of some of the security vulnerabilities for online transactions.

Most of the issues revolve around the usual problems in application code: cross-site scripting and other types of code injection. But there are also vulnerabilities in unprotected RSS and XML, which can also hide nasty code and links to malware if not properly validated.

The article was by Shreeraj Shah of Net-Square. He has written books about web security and has a blog.

There was also an academic article, Subverting Ajax, in December of last year, though somewhat technical, about the same subject.

0 Comments:

Post a Comment

<< Home