Posted 06/09/2010 - 17:18 by csteel
I’m an architect and application layer security guy specializing in enterprise application development. After 20 years in the software security industry, you start to see a lot of the “same old wine in a shiny new bottle”, as my friend and co-author of “Core Security Patterns”, Ramesh Nagappan puts it. Sure this keeps some of us employed but more importantly, it allows us to reduce complexity by using analogies to the old bottle when talking about the new. I see some of my peers get frustrated solving the same issues, with a new set of details, over and over again for each new bottle.
I was lucky enough to get involved with mashup technologies at JackBe, and I am finding a whole new wine in the security issues that surround mashups.
At the heart of security you still have to deal with authentication, authorization, confidentiality, integrity and non-repudiation. In the older technologies everything was hosted, client-server, or peer-to-peer: one-to-one relationships. In those approaches, when a client authenticates to a server (over sockets, CORBA, RMI or HTTP/S), it presents an ID and password or some other credential token that maps one-to-one to that server.
Now, with mashups, we are confronted with one-to-many relationships, where clients need to supply (and servers need to manage) multiple credentials that are passed on to back-end services. The mashup server thereby becomes a credential broker holding many users' secrets for many services, which makes it a high-value target in its own right. In addition, providing and enforcing authorization becomes more challenging as you mash services with different authorization requirements together in one application. We really are dealing with a new flavor of wine and not just the same old wine in a shiny new bottle.
In my book I remember writing hundreds of pages on the various aspects of security. Here I think I can sum up the Mashup Security issues in 5 key patterns:
1. Authentication to multiple backend services with different credentials and different authentication protocols
2. Authorization to multiple backend services that require attributes from disparate sources
3. Bridging point-to-point transport security mechanisms such as SSL/TLS, which terminate at the mashup server rather than running end to end from the user to each backend
4. Extending compliance rules and regulations out to the cloud
5. Understanding the implications of your data being used in new ways
While these challenges are new, the wine is still wine, and we can leverage existing security patterns as is, or extend the existing pattern strategies. For instance, we can systematize authentication to multiple backend services by encapsulating the existing authentication mechanisms in 'Mashup Security Profiles' that propagate credentials to each backend service in the form that service expects.
Mashup Security Profiles would allow the mashup server to store credentials for disparate backend services, manage the login sessions to those services, and thus improve the overall experience of the mashup user. Stored credentials need the protection that such a broker implies: encrypted at rest, scoped to the user who supplied them, and never reused across users. Profiles would also let us codify the best practices for all of our access types, saving development time and even improving our overall security. I am happy to report that Mashup Security Profiles are one of the new security features of Presto 3.0, the 'Enterprise App Store' release, scheduled for release at the end of this month.
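As an added example that is not part of the original post and not Presto's own code, here is a Python sketch of what such a profile might look like for patterns 1 and 2 above: one mashup user, one credential per backend service, a translation of the user's single mashup session into the HTTP Basic, bearer-token or API-key form each backend expects, cached backend sessions that are refreshed on expiry, and a merge of authorization attributes from several sources. The service names, credentials, attribute sources and the token-issuing function are all constructed for illustration; a real profile would pull secrets from a vault and exchange them using each backend's actual login protocol.

```python
import base64
import hashlib
import hmac
import time
from dataclasses import dataclass

TOKEN_TTL = 300  # seconds a constructed bearer token stays valid


@dataclass(frozen=True)
class Credential:
    """One backend credential. Hypothetical shape; secrets would live in a vault."""
    scheme: str        # "basic", "bearer" or "apikey"
    user: str = ""     # login name for basic and bearer backends
    secret: str = ""   # password, client secret or API key


def fake_token_login(service, cred, now):
    """Stand-in for a backend login (OAuth2, SAML, proprietary): trade the stored
    credential for a short-lived token. The token is just an HMAC over service,
    user and issue time so that the example runs offline."""
    msg = f"{service}|{cred.user}|{int(now)}".encode()
    token = hmac.new(cred.secret.encode(), msg, hashlib.sha256).hexdigest()[:32]
    return token, now + TOKEN_TTL


class SecurityProfile:
    """Per-user map of backend service -> credential, plus cached backend sessions.
    The user authenticates once to the mashup server; this object answers
    'what does backend X expect from this user?' on every outbound call."""

    def __init__(self, mashup_user, credentials, login=fake_token_login):
        self.mashup_user = mashup_user
        self._creds = dict(credentials)   # service name -> Credential
        self._sessions = {}               # service name -> (token, expires_at)
        self._login = login

    def outgoing_headers(self, service, now=None):
        """Build the auth header the named backend expects for this user."""
        now = time.time() if now is None else now
        cred = self._creds.get(service)
        if cred is None:
            # Fail closed: a service with no mapped credential is never called
            # with some shared or default identity.
            raise PermissionError(f"{self.mashup_user} has no credential for {service}")
        if cred.scheme == "basic":
            raw = f"{cred.user}:{cred.secret}".encode()
            return {"Authorization": "Basic " + base64.b64encode(raw).decode()}
        if cred.scheme == "bearer":
            return {"Authorization": "Bearer " + self._session_token(service, cred, now)}
        if cred.scheme == "apikey":
            return {"X-API-Key": cred.secret}
        raise ValueError(f"unsupported scheme {cred.scheme!r} for {service}")

    def _session_token(self, service, cred, now):
        """Reuse the backend session while valid; log in again shortly before
        it expires, so the user never re-enters that credential."""
        token, expires_at = self._sessions.get(service, (None, 0))
        if token is None or now >= expires_at - 30:   # refresh 30 s early
            token, expires_at = self._login(service, cred, now)
            self._sessions[service] = (token, expires_at)
        return token

    def active_sessions(self, now=None):
        """Backends with a live cached session (for logout and cleanup)."""
        now = time.time() if now is None else now
        return sorted(s for s, (_, exp) in self._sessions.items() if exp > now)


def merge_attributes(*sources):
    """Pattern 2: combine attributes from several sources (directory groups,
    HR data, the mashup's own roles). Sources are passed from most to least
    trusted, and a later source cannot overwrite an earlier one."""
    merged = {}
    for src in sources:
        for key, value in src.items():
            merged.setdefault(key, value)
    return merged


def missing_attributes(required, attributes):
    """Required attribute values the user lacks; an empty dict means allowed."""
    return {k: v for k, v in required.items() if attributes.get(k) != v}


if __name__ == "__main__":
    # Constructed sample: one user, three backends, three different mechanisms.
    profile = SecurityProfile("alice@mashup", {
        "crm": Credential("basic", user="alice", secret="s3cret"),
        "erp": Credential("bearer", user="asmith", secret="erp-client-secret"),
        "quotes": Credential("apikey", secret="k-0123456789"),
    })
    for svc in ("crm", "erp", "quotes"):
        print(svc, profile.outgoing_headers(svc, now=1000))
    attrs = merge_attributes({"role": "analyst"}, {"region": "EU", "role": "admin"})
    print(missing_attributes({"role": "analyst", "region": "EU"}, attrs))  # prints {}
```

Two design choices are worth noting. The profile fails closed when a backend has no mapped credential, so a new service added to a mashup cannot silently ride on another service's identity. And the attribute merge keeps the first value seen, so the caller orders sources by trust and a less trusted source (say, a self-asserted profile field) cannot escalate an attribute that the directory already set.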
Mashup technology does present a new wine in a new bottle. Of course, there is still the risk of the same old security hangover. Luckily, here at JackBe we are used to dealing with security and new challenges, and we are already extending the old security patterns to meet these new ones. I'll write in more detail about how we extend these patterns in future blogs.

Well it's good to see you guys ramping up security, but I'm still waiting for the opening of the enterprise app store :)
Michelle @Sculptures
Really enjoyed reading about the same old wine in a shiny new bottle!! It was such a beautifully written piece and I totally agree that most of the issues we see which are related to applications, when you really analyze them, are in one way or another related to issues that we have come across earlier but need to be handled differently!! I am sure that you guys in Mashup Security really know what you all are doing there!! schlage security credentials
Making wine at home from wine kits is one of the most popular, most profitable, and fastest growing hobbies today.
Thanks,
B&B Galway
Security is becoming a very complex entity in the world of the internet, and it's normal for it to be so. I couldn't imagine using the internet without feeling secure; the risk is too high. I am confident we can find everything about enterprise security. Do you have a direct resource for it?