SMash: Secure Mashups

IBM has potentially opened the door to enterprise mashups, allowing for the first time these web services which rely on multiple data and/or programming sources to have security built-in. SMash which is short for secure mashup is what the new technology is called and IBM will be donating the technology to the OpenAjax Alliance.

What will secure mashups allow? In theory they unlock data and services so they can inter-work in a fashion which allows data to be used in a more synergistic format. For example, allowing data from disparate sources comes together in a single or multiple interfaces.

In reality, mashups themselves haven’t changed as a result of this announcement but the data and APIs available to the mashup community has. For the first time, corporations will feel comfortable experimenting with mashups in their organization and they will likely expose more data and APIs to others as a result.

If you have heard me wax poetic about VoIP peering in the past and you get what the potential of peering voice between companies and providers can do, imagine what secure application and data peering can do for us.

In a way that is how I think of mashups — as the ultimate application, service and data peering relationship… Where everything works together in a seamless fashion. As Zippy Grigonis points out in this article, IBM researchers use terms like "autonomic computing" to describe the intelligent systems that work behind the scenes to bring you what you want, how and when you want it. He equates this to how the body digests food and maintains blood pressure.

I don’t expect this news to alter the mashup landscape overnight but I can imagine some really interesting systems integrator projects which can tie mashups into a company’s core business processes. I am looking forward to seeing how the enterprise mashup market evolves as a result of this news.

The concept of secure mashups reminds me of my secure SIP blog from earlier this morning. Mashups and SIP were both invented to solve similar problems… Interoperability between communications equipment and data/services. And now as both of these markets have matured, we need to deal with the security issues that are inherently present in open communications systems.

    Leave Your Comment