|
OpenAjax Alliance Announces New
Initiatives for Secure Mashups and Mobile Ajax
Industry Consortium on Ajax Development Further
Commits to Security; Announces Interoperability Awards
SANTA CLARA, CA--(September 24,
2007) - OpenAjax Alliance, an organization dedicated to
the successful adoption of open and interoperable
Ajax-based Web technologies, today revealed new
initiatives for secure mashups and mobile Ajax, as well
as a new white paper on Ajax security.
Ajax is the technology behind the increasingly popular "mashup,"
a website or application that combines content from more
than one source into an integrated experience. As Ajax
and mashups continue to gain widespread acceptance under
the Web 2.0 umbrella, it is critical for organizations
to understand these threats and to avoid them by
adhering to some best practices.
The alliance has released a new white paper titled "Ajax
and Mashup Security," which summarizes the ways in which
Ajax applications could be attacked and provides a set
of best practice techniques to address each of the
vulnerability areas. Available at www.openajax.org, the
white paper represents the collaborative efforts of Ajax
security experts from multiple companies, and was a
joint effort by the OpenAjax Alliance Security committee
and the Marketing Working Group.
"Getahead is delighted to see the progress the OpenAjax
Alliance is making particularly with regard to security
and secure mashups," said Joe Walker, creator of Direct
Web Remoting and president of Getahead. "The DWR project
has long been a strong advocate of better Ajax security,
so this advance is great news."
"ICEsoft has long recognized that security for
enterprise class applications is a critical
requirement," said Robert Lepack, VP of Marketing for
ICEsoft Technologies. "We view the publication of the
Open Ajax White paper 'Ajax and Mashup Security,' to be
an important step in the ongoing need to both educate
customers on the potential security risks of Ajax
applications and the best practices described in the
paper to be a key step toward developing much needed
standards."
In addition to a strong focus on security, the OpenAjax
Alliance is holding InteropFest 1.0 , which is the final
integration testing phase of OpenAjax Hub 1.0. OpenAjax
Hub is a small JavaScript library that allows multiple
Ajax toolkits to work together on the same page. The
central feature is a publish/subscribe event manager,
which enables loose assembly and integration of Ajax
components. OpenAjax Alliance will deliver both an open
specification and a reference open source
implementation. Standards are the key to
interoperability, and allow the true possibilities of
Ajax and Web 2.0 to be realized.
"To further advance the Ajax ecosystem, OpenAjax
Alliance members together are developing a standard way
to describe Ajax controls and their programmatic
interfaces so that it becomes easier for developers to
use Ajax libraries with development tools," said Kevin
Hakman, director, TIBCO Software Inc. and Chair of the
Alliance IDE Working Group. "We're on pace to have an
Ajax control description specification ready for early
2008."
Simultaneous with finalization activities on OpenAjax
Hub 1.0, the alliance has begun work on OpenAjax Hub
1.1, which will extend OpenAjax Hub to add support for
secure mashups and to enable mediated Comet-style
client-server messaging. As with OpenAjax Hub 1.1, the
alliance will deliver both a specification and a
commercial-quality open source reference implementation.
The secure mashup features of OpenAjax Hub 1.1 will
isolate mashup components in secure "sandboxes" and use
the OpenAjax Hub's publish/subscribe features to achieve
mediated cross-component messaging.
The alliance has also launched its new Mobile Ajax
committee, which will focus on both educational
materials and technical standards. As part of its Mobile
Ajax efforts, OpenAjax Alliance is co-sponsoring a
Workshop on Mobile Ajax on Friday September 28 in
partnership with the World Wide Web Consortium (W3C).
"In its first year of existence, the organization has a
remarkable record of achievement on key issues facing
the Ajax industry," said David Boloker, OpenAjax
Alliance Steering Committee Chairman. "OpenAjax Hub 1.0
and the InteropFest are key achievements towards driving
cross-vendor interoperability. The new white paper on
Ajax security issues is an important educational
milestone. The next year promises other advances,
including white papers, technical standards and open
source across multiple issues including Ajax IDEs,
secure mashups, client-server communications, and mobile
Ajax."
Also a part of InteropFest 1.0, interoperability
certificates will be awarded to the following member
organizations for their participation in OpenAjax
InteropFest 1.0: 24SevenOffice, Apache XAP, Dojo
Foundation, ILOG, Getahead, IT Mill, Lightstreamer,
Microsoft, Nexaweb, Open Link, Open Spot, Software AG
and TIBCO. The interoperability event requires
integration of an organization's Ajax toolkit with the
OpenAjax Hub and at least one other Ajax component,
where cross-component messaging is accomplished using
the OpenAjax Hub.
Ajax Conformance Award Recipient Quotes
"Developing an Ajax-based ERP/CRM-system for accountants
and others accustomed to functionality and
responsiveness in a traditional desktop application, we
have focused on features and speed improvements," said
Espen Antonsen, System Developer, 24SevenOffice.
"Cross-platform issues have in the past been
marginalized due to time constraints. Now with new
Ajax-toolkits emerging and the OpenAjax interoperability
we can achieve cross-platform easier and quicker."
"It's great to be part of the OpenAjax Alliance to work
with other leading toolkits to ensure interoperability.
DWR and TIBCO General Interface have a history of
working well together, but it's great to have a forum to
extend this interoperability," said Joe Walker, creator
of Direct Web Remoting and president of Getahead.
"For the past 20 years, ILOG develops and markets data
display components that need to integrate smoothly with
existing systems," said Jean Francois Abramatic, ILOG
Chief Product Officer. "OpenAjax Hub 1.0 and the
InteropFest are key milestones to facilitate Ajax
application development, and ILOG sees the benefits and
is committed to cross-vendor interoperability."
"As Ajax technology matures, the need for standardized
interfaces becomes more clear," said Jani Laakso,
Product Manager of IT Mill, a member organization. "The
OpenAjax Hub provides a convenient way of integrating
new components and widgets on top of IT Mill Toolkit.
This is an essential feature for our customers who want
to incorporate other Ajax libraries into their
applications built with IT Mill Toolkit."
"Interoperability is a key driving factor for choice and
furthering the advancement of the Open Web," said Dylan
Schiemann, CEO of SitePen, and co-founder of the Dojo
Toolkit. "Since inception, the Dojo Toolkit has
considered it a top priority to work well with other
JavaScript code and toolkits, and we are pleased to
receive this award recognizing our efforts."
"Lightstreamer is focused on delivering a high
performance and reliable Comet engine on the server
side," said Alessandro Alinone, CTO at Lightstreamer,
a member of OpenAjax Alliance. "There are plenty of Ajax
toolkits and frameworks that can consume real-time
events on the client side. OpenAjax Hub will enable us
to be interoperable with them all. To sum up the
paradigm, Lightstreamer Server disseminates real-time
data to the browsers; the data is received by the
OpenAjax Hub, that in turn delivers it to any Ajax
components in the page."
"As an early adopter and promoter of standards compliant
data access and integration middleware across the
enterprise and emerging Semantic Data Web, OpenLink
Software is excited about the opportunity to continue
demonstrating its middleware prowess and leadership
through the Interop 1.0 challenge of the OpenAjax
Alliance," said Kingsley Idehen, Founder and CEO of
OpenLink Software. "OpenLink extends its dedication to
advanced platform independent middleware technologies
without vendor lock-in through it's membership in the
OpenAjax Alliance and as expressed via our evolving
product portfolio including the OpenLink Ajax Toolkit,
Ajax Database Connectivity, and a collection of data
oriented Rich Internet Applications that offer full
OpenAjax compliance."
"With the OpenAjax Hub, data analytical packages such as
our ajaXcel spreadsheet and charting engine will be
interoperable with numerous third party GUI toolkits and
back-end data services," said Gideon Lee, president of
OpenSpot. "This may well motivate the domain experts and
power users who were previously challenged by RIA
development to start seriously adopting it, bringing
forth real-world solutions that are not merely richer in
awe-factor but also delivering richer information
analysis with significant bottom line impact."
"As the development of applications for business
productivity shifts from writing gobs of code to the
faster processes of assembling solutions from ready-made
parts and services, interoperability of those parts is a
key ingredient," said Kevin Hakman, co-founder of
TIBCO's open source Ajax toolkit: TIBCO General
Interface, and Director of developer evangelism for
TIBCO. "An Ajax ecosystem with components conforming to
baseline standards will provide more component choices
and further accelerate development speed while allowing
customers to continue to leverage the Web browser as a
ubiquitous, open platform."
"By eliminating latency while delivering a richer and
more intuitive user experience, AJAX enables the
development of applications that more closely conform to
actual end-user requirements," said Dr. Peter Kürpick,
President and Chief Product Officer of the webMethods
business line at Software AG. "We also recognize the
critical role that standards-based interoperability
plays in enabling the more complex and interactive
composite applications that enterprises are embracing
today. Recognizing this importance, Software AG is a
proud supporter of the OpenAjax Alliance's efforts to
improve the interoperability of AJAX-based
technologies."
About OpenAjax Alliance
The OpenAjax Alliance is an organization of leading
vendors, open source projects, and companies using Ajax
that are dedicated to the successful adoption of open
and interoperable Ajax-based Web technologies. The prime
objective of the group is to accelerate customer success
with Ajax by promoting a customer's ability to mix and
match solutions from Ajax technology providers and to
help drive the future of the Ajax ecosystem. To learn
more about OpenAjax Alliance, please visit:
www.openajax.org
All product and company names herein may be
trademarks of their respective owners. |