Securing Social with OpenSocial and Caja*
This talk will explore the implementation of OpenSocial on the social web and why security considerations need to be integrated when creating open standards for this space.
In an attempt to integrate standards into the social web, the OpenSocial standards seek to give developers a “build once – deploy everywhere” methodology for engineering applications. With the push to the merging of your real and web world personalities and personal information, the concerns of insecure social habits become very clear.
While trying to create easy to develop application environments in a hurry, many OpenSocial containers have gone the route of using insecure iframes as their security models, many times leading to the hijacking of personal information.
This presentation will provide an overview of the Caja security model with OpenSocial standards and explore why security considerations need to be integrated when creating open standards for the social web.
Jonathan is an Emmy award-winning software engineer and the author of the O’Reilly book “Programming Social Applications.” He specializes in open source initiatives around the implementation of social engagement services. He also works with and promotes emerging technologies to aid in the adoption and utilization of new social development techniques, such as his work on the OpenSocial foundation board. As a software engineer, Jonathan works extensively with social interaction development, engaging in new methods for targeting the social footprint of users to drive the ideal of an open web.