Security & Privacy with regards to Mashups
Common concepts with regards to Security and Privacy concepts -
-. Confidentiality
-. Integrity
-. Availability
-. Identification, Authentication, & Authorization
-. Audit
-. Incident response
-. Regulatory Compliance
Developing Areas & Questions
It has become very clear from many articles and information sites that mashup developers are generally not aware of the security or privacy implications surrounding their mashups.
Who is liable with regards to the aggregating data and managing the integrity of data for both providers and consumers?
Mashup developers may need to enter secure/prohibited fields in order to make their mashups work.
Who is responsible if security and privacy has been breached? Do mashup developers/maintainers need to notify there data sources? What would the consequences/actions be?