Mobile Ajax and security

April 17th, 2006

  Does security will raise some complex issue for Ajax based app?

 One of the benefits of Ajax is that the “application” does not reside on the client, but is downloaded each time you access to the server eventually with some caching mechanisms. This mean that transparently the application can evolve, include new features, etc…

 One of the well know weakness of browser based app, is the fact that these application can not access to local resources of the device, like Bluetooth, address book, GPS, etc…

 One of the possible (and probable) evolutions will be to provide some specific API to these applications to access to local resources. Fine, but this raises more the security problem: would you give an unlimited right to any browser app to access to your private data? Of course no, but then, how to manage this: by providing a certificate per session? But disabling access to this device?

  For downloaded app, the solution as been solved by putting a certificate mechanism. This provides some advantage, as only the “trusted” application can be downloaded. The disadvantage is that it’s very costly, in
terms of money, time . But in all cases, this can not be applied directly to Ajax based app…

  I have no clue on how this will be solved, I am just worried to this issue has not been addressed by promoters of the “full Ajax” solutions for mobile…

Technorati Tags: , , , ,

Technorati Tags: , , , ,

Entry Filed under: FlashLite,JavaME,MobileAjax,MobileWidgets,Wireless

2 Comments Add your own

  • 1. C. Enrique Ortiz  |  April 17th, 2006 at 6:21 pm

    Agreed.

    I recently wrote about this on my last response to Ajit’s Mobile Ajax… there I wrote “do I now need to sign my browser app as well?”…

    You got it, this opens a whole new can of worms – or same can of worms, but now for browser-based apps.

    Enrique

  • 2. Scott Penberthy  |  May 28th, 2006 at 3:05 pm

    Mobile widgets are a great idea! I started down this path last spring at a little company I called “Bling Software.” Its a tongue-in-cheek name for software that adds “bling” or fun accessories to your phone.

    The URL has a cheeky demo, a hello world version of our software running on a phone. We have little Konfabulator-style widgets running on CDMA phones, and will have a GSM version shortly. Its a lot of fun. A small carrier has become our first licensee, and several brands are kicking the tires.

Leave a Comment

Required

Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Calendar

May 2012
M T W T F S S
« Aug    
 123456
78910111213
14151617181920
21222324252627
28293031  

Archives

  • August 2011
  • January 2011
  • August 2010
  • March 2010
  • September 2009
  • July 2009
  • April 2009
  • February 2009
  • December 2008
  • October 2008
  • July 2008
  • June 2008

    • Most Recent Posts

    Most Recent Comments