For example, YouTube.com, MySpace.com,
and blogging all belong to the Web 2.0 era, in which web applications are
based on user-supplied content. In the security world, any mention of a new technology
often means that security is left out, forgotten, or simply marginalized. Unfortunately,
this is also true about many Web 2.0 technologies. To complicate the issue further, the
notion of "don't ever trust user input" becomes increasingly difficult to apply when an entire web
application is based on user-supplied input, ranging from HTML to Flash objects.
In addition to the technology and behavior changes, Web 2.0 can also mean the shift
from shrink-wrapped software to software as a service. During the early web era,
downloading software from the web and running it on your server or desktop was the
norm, ranging from Customer Relationship Management (CRM) applications to chat
software. Downloading and managing software soon became a nightmare for
organizations, as an endless number of servers, releases, and patches across hundreds of
in-house applications drove IT costs through the roof.
Organizations such as Google and Salesforce.com began offering traditional software as
a service, meaning that nothing is installed or maintained by an individual or IT department.