IBM Addresses Web 2.0 Security Concerns With 'SMash' -- THE Journal

SecurityPrivacy

IBM Addresses Web 2.0 Security Concerns With 'SMash'

By Dian Schaffhauser
03/18/08

##AUTHORSPLIT##<--->

IBM announced new technology to secure "mashups," Web applications that pull information from multiple sources, such as Web sites, enterprise databases, or e-mails, to create one unified view. Mashups allow users to gain insight on complex situations but, as with all Web-based initiatives, security has been a concern.

IBM researchers have created a new technology, codenamed "SMash," short for secure mashup, that allows information from different sources to talk to each other, but keeps them separate so malicious code can't be introduced into systems.

IBM is contributing the SMash technology to the OpenAjax Alliance, an organization of vendors, open source projects and companies using AJAX, of which it is a part.

"Web 2.0 is fundamentally about empowering people, and has created a societal shift in the way we organize, access, and use information," said Rod Smith, IBM Fellow and vice president. "Security concerns can't be a complete inhibitor, or clients lose out on the immense benefit mashups bring. The same way you wouldn't buy a car and then later decide to have the seatbelts or airbags installed, as an industry we've learned how to build security into business operations from the ground up instead of tacking it on after the fact."

SMash addresses a part of the browser mashup security issue by keeping code and data from each of the sources separated, while allowing controlled sharing of the data through a secure communication channel. IBM said it plans to include SMash technology in WebSphere products and its commercial mashup maker, Lotus Mashups, expected in the summer. Lotus Mashups is IBM's first commercial mashup maker for organizations. It will allow non-technical users to create and share mashups in a secure way.

A detailed description of SMash will appear in the 17th International World Wide Web Conference, to be held in Beijing, China, in April 2008.

Get daily news from THE Journal's RSS News Feed

About the author: Dian Schaffhauser is a writer who covers technology and business for a number of publications. Contact her at [email protected].

Proposals for articles and tips for news stories, as well as questions and comments about this publication, should be submitted to David Nagel, executive editor, at [email protected].

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

E-Mail this page

Printable Format

Featured

OpenAI Developing Teen Version of ChatGPT with Parental Controls

OpenAI has announced it is developing a separate version of ChatGPT for teenagers and will use an age-prediction system to steer users under 18 away from the standard product, as U.S. lawmakers and regulators intensify scrutiny of chatbot risks to minors.
Google Cloud Study: Early Agentic AI Adopters See Better ROI

Google Cloud has released its second annual ROI of AI study, finding that 52% of enterprise organizations now deploy AI agents in production environments. The comprehensive survey of 3,466 senior leaders across 24 countries highlights the emergence of a distinct group of "agentic AI early adopters" who are achieving measurably higher returns on their AI investments.
AI Adoption Rising, but Trust Gap Limits Impact

A recent global study by IDC and SAS found that while the adoption of artificial intelligence continues to expand rapidly across industries, a misalignment between perceived trust in AI systems and their actual trustworthiness is limiting business returns.
Report Identifies Surge in Credential͏͏ Theft͏͏ and͏͏ Data Breaches͏͏

A recent report from cybersecurity company Flashpoint Cyber͏͏ detected an escalation of threat activity across͏͏ multiple͏͏ fronts͏͏ during͏͏ the͏͏ first͏͏ half͏͏ of͏͏ 2025.