SlideShare ist ein Scribd-Unternehmen logo

Building on Social Application Platforms

Als PPTX, PDF herunterladen
Jonathan LeBlanc
Jonathan LeBlanc

A brief overview of the open source technologies available for building social applications on top of social containers such as YAP, iGoogle, Orkut, MySpace, etc.

Technologie
1 von 10
Building on Social Application PlatformsJonathan LeBlanc – Technology Evangelist Yahoo! Developer Network – Partner Integrations Twitter: @jcleblanc
2 Valuation: $4 Billion (May 2010) Business Insider Sold for between $15 - $25 Million San Francisco Examiner
3
4 RockYou! User Database Hacked “In December 2009, an attacker breached the company's database of usernames and passwords of its 32 million users.” Techweet: http://www.techweet.com Zynga Threatens to Leave Facebook “Zynga was threatening to leave Facebook altogether in the wake of Facebook's requiring exclusive use of Facebook credits for monetization in applications.” TechCrunch: http://www.techcrunch.com Spammers Running Wild In Latest MySpace Phishing Attack “…suggesting that the site has fallen prey to a security exploit that grants spammers access to accounts.” TechCrunch: http://www.techcrunch.com
5
6 Avoiding Disaster with Open Source Accessing the Social Graph Authorizing Application Authenticating Users Securing Third Party Code
7 Accessing the Social Graph
8 Authorization and Authentication
9 Front-End Security
10 Thank you Read More Links ,[object Object]

Empfohlen

RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?Samvel Gevorgyan
 
Can you predict who will win the US election?
Can you predict who will win the US election?Can you predict who will win the US election?
Can you predict who will win the US election?Samvel Gevorgyan
 
5 ways criminals use facebook
5 ways criminals use facebook5 ways criminals use facebook
5 ways criminals use facebookWilliam Grieve
 
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsIranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
RSA Monthly Online Fraud Report -- June 2014
RSA Monthly Online Fraud Report -- June 2014RSA Monthly Online Fraud Report -- June 2014
RSA Monthly Online Fraud Report -- June 2014EMC
 
Mobile application security
Mobile application securityMobile application security
Mobile application securityEY Belgium
 

Empfohlen

RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013EMC
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?What is the Cybersecurity plan for tomorrow?
What is the Cybersecurity plan for tomorrow?Samvel Gevorgyan
 
Can you predict who will win the US election?
Can you predict who will win the US election?Can you predict who will win the US election?
Can you predict who will win the US election?Samvel Gevorgyan
 
5 ways criminals use facebook
5 ways criminals use facebook5 ways criminals use facebook
5 ways criminals use facebookWilliam Grieve
 
Iranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsIranian Hackers Have Hit Hundreds of Companies in Past Two Years
Iranian Hackers Have Hit Hundreds of Companies in Past Two YearsLUMINATIVE MEDIA/PROJECT COUNSEL MEDIA GROUP
 
RSA Monthly Online Fraud Report -- June 2014
RSA Monthly Online Fraud Report -- June 2014RSA Monthly Online Fraud Report -- June 2014
RSA Monthly Online Fraud Report -- June 2014EMC
 
Mobile application security
Mobile application securityMobile application security
Mobile application securityEY Belgium
 
Content Management System Security
Content Management System SecurityContent Management System Security
Content Management System SecuritySamvel Gevorgyan
 
The rise of malware(ransomware)
The rise of malware(ransomware)The rise of malware(ransomware)
The rise of malware(ransomware)phexcom1
 
Current Emerging Threats
Current Emerging ThreatsCurrent Emerging Threats
Current Emerging Threatsdnomura
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirateswebnowires
 
Websecurity fundamentals for beginners
Websecurity fundamentals for beginnersWebsecurity fundamentals for beginners
Websecurity fundamentals for beginnersSamvel Gevorgyan
 
cyber attacks in May , breaches in May
cyber attacks in May , breaches in Maycyber attacks in May , breaches in May
cyber attacks in May , breaches in MaySathish Kumar K
 
Ransomware
RansomwareRansomware
RansomwareAkshita Pillai
 
Ransomware
RansomwareRansomware
RansomwareChaitali Sharma
 
null Bangalore meet Feb 2010 - news Bytes
null Bangalore meet Feb 2010 - news Bytesnull Bangalore meet Feb 2010 - news Bytes
null Bangalore meet Feb 2010 - news Bytesn|u - The Open Security Community
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"dogallama
 
Security Paper
Security PaperSecurity Paper
Security PaperShante' Perrin
 
Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)Marco Balduzzi
 
Social apps 3_1_2008
Social apps 3_1_2008Social apps 3_1_2008
Social apps 3_1_2008eaiti
 
Facebook Controversies
Facebook ControversiesFacebook Controversies
Facebook Controversiesannierox9
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manualRoel Palmaers
 
Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack ZeroFOX
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
0926182320 Sophos[1]
0926182320 Sophos[1]0926182320 Sophos[1]
0926182320 Sophos[1]guest043f27
 
Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...Michael Pranikoff
 
Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectJonathan LeBlanc
 
The Upheaval of Open Commerce
The Upheaval of Open CommerceThe Upheaval of Open Commerce
The Upheaval of Open CommerceJonathan LeBlanc
 

Weitere ähnliche Inhalte

Was ist angesagt?

Content Management System Security
Content Management System SecurityContent Management System Security
Content Management System SecuritySamvel Gevorgyan
 
The rise of malware(ransomware)
The rise of malware(ransomware)The rise of malware(ransomware)
The rise of malware(ransomware)phexcom1
 
Current Emerging Threats
Current Emerging ThreatsCurrent Emerging Threats
Current Emerging Threatsdnomura
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirateswebnowires
 
Websecurity fundamentals for beginners
Websecurity fundamentals for beginnersWebsecurity fundamentals for beginners
Websecurity fundamentals for beginnersSamvel Gevorgyan
 
cyber attacks in May , breaches in May
cyber attacks in May , breaches in Maycyber attacks in May , breaches in May
cyber attacks in May , breaches in MaySathish Kumar K
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"dogallama
 
Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)Marco Balduzzi
 
Social apps 3_1_2008
Social apps 3_1_2008Social apps 3_1_2008
Social apps 3_1_2008eaiti
 
Facebook Controversies
Facebook ControversiesFacebook Controversies
Facebook Controversiesannierox9
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manualRoel Palmaers
 
Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack ZeroFOX
 
0926182320 Sophos[1]
0926182320 Sophos[1]0926182320 Sophos[1]
0926182320 Sophos[1]guest043f27
 
Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...Michael Pranikoff
 

Was ist angesagt? (20)

Content Management System Security
Content Management System SecurityContent Management System Security
Content Management System Security
 
The rise of malware(ransomware)
The rise of malware(ransomware)The rise of malware(ransomware)
The rise of malware(ransomware)
 
Current Emerging Threats
Current Emerging ThreatsCurrent Emerging Threats
Current Emerging Threats
 
Patches Arrren't Just for Pirates
Patches Arrren't Just for PiratesPatches Arrren't Just for Pirates
Patches Arrren't Just for Pirates
 
Websecurity fundamentals for beginners
Websecurity fundamentals for beginnersWebsecurity fundamentals for beginners
Websecurity fundamentals for beginners
 
cyber attacks in May , breaches in May
cyber attacks in May , breaches in Maycyber attacks in May , breaches in May
cyber attacks in May , breaches in May
 
Ransomware
RansomwareRansomware
Ransomware
 
Ransomware
RansomwareRansomware
Ransomware
 
null Bangalore meet Feb 2010 - news Bytes
null Bangalore meet Feb 2010 - news Bytesnull Bangalore meet Feb 2010 - news Bytes
null Bangalore meet Feb 2010 - news Bytes
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.com
 
Invincea "The New Threat Vector"
Invincea "The New Threat Vector"Invincea "The New Threat Vector"
Invincea "The New Threat Vector"
 
Security Paper
Security PaperSecurity Paper
Security Paper
 
Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)Attacking the Privacy of Social Network users (HITB 2011)
Attacking the Privacy of Social Network users (HITB 2011)
 
Social apps 3_1_2008
Social apps 3_1_2008Social apps 3_1_2008
Social apps 3_1_2008
 
Facebook Controversies
Facebook ControversiesFacebook Controversies
Facebook Controversies
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manual
 
Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack Anatomy of an Enterprise Social Cyber Attack
Anatomy of an Enterprise Social Cyber Attack
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
0926182320 Sophos[1]
0926182320 Sophos[1]0926182320 Sophos[1]
0926182320 Sophos[1]
 
Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...Communications In A Web 2.0 World - Texas State University Mass Communication...
Communications In A Web 2.0 World - Texas State University Mass Communication...
 

Andere mochten auch

Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectJonathan LeBlanc
 
The Upheaval of Open Commerce
The Upheaval of Open CommerceThe Upheaval of Open Commerce
The Upheaval of Open CommerceJonathan LeBlanc
 
Patologia benigna de estomago
Patologia benigna de estomagoPatologia benigna de estomago
Patologia benigna de estomagoandrexcordoba
 
Facebook for the Floundering
Facebook for the FlounderingFacebook for the Floundering
Facebook for the FlounderingLesley Miller
 
Salem State College's Employee Handbook
Salem State College's Employee HandbookSalem State College's Employee Handbook
Salem State College's Employee HandbookMartha White
 

Andere mochten auch (6)

Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID Connect
 
The Upheaval of Open Commerce
The Upheaval of Open CommerceThe Upheaval of Open Commerce
The Upheaval of Open Commerce
 
Patologia benigna de estomago
Patologia benigna de estomagoPatologia benigna de estomago
Patologia benigna de estomago
 
Facebook for the Floundering
Facebook for the FlounderingFacebook for the Floundering
Facebook for the Floundering
 
OAuth2 and LinkedIn
OAuth2 and LinkedInOAuth2 and LinkedIn
OAuth2 and LinkedIn
 
Salem State College's Employee Handbook
Salem State College's Employee HandbookSalem State College's Employee Handbook
Salem State College's Employee Handbook
 

Ähnlich wie Building on Social Application Platforms

Security Dangers of Social Networking
Security Dangers of Social NetworkingSecurity Dangers of Social Networking
Security Dangers of Social NetworkingBillBrenner70
 
News Bytes by Jaskaran Narula - Null Meet Bhopal
News Bytes by Jaskaran Narula - Null Meet Bhopal News Bytes by Jaskaran Narula - Null Meet Bhopal
News Bytes by Jaskaran Narula - Null Meet Bhopal Jaskaran Narula
 
The State of Internet Security: Web Attaks Take Over
The State of Internet Security: Web Attaks Take OverThe State of Internet Security: Web Attaks Take Over
The State of Internet Security: Web Attaks Take OverJAX Chamber IT Council
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityMuhammad Hamza
 
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009ClubHack
 
Ibm risk management-30min
Ibm risk management-30minIbm risk management-30min
Ibm risk management-30minKim Aarenstrup
 
Exploring machine learning techniques for fake profile detection in online so...
Exploring machine learning techniques for fake profile detection in online so...Exploring machine learning techniques for fake profile detection in online so...
Exploring machine learning techniques for fake profile detection in online so...IJECEIAES
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Securitysherrymoon7121
 
Slidecast ppt
Slidecast pptSlidecast ppt
Slidecast pptxinygu
 
Facebook Security Essay - Umut Baris Akkaya
Facebook Security Essay - Umut Baris AkkayaFacebook Security Essay - Umut Baris Akkaya
Facebook Security Essay - Umut Baris AkkayaUmut Baris Akkaya
 
Insecure trends in web technologies 2009
Insecure trends in web technologies 2009Insecure trends in web technologies 2009
Insecure trends in web technologies 2009Chandrakanth Narreddy
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceDulanja Liyanage
 
Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Interlat
 

Ähnlich wie Building on Social Application Platforms (20)

Social Media Security
Social Media SecuritySocial Media Security
Social Media Security
 
Security Dangers of Social Networking
Security Dangers of Social NetworkingSecurity Dangers of Social Networking
Security Dangers of Social Networking
 
Social Networking Security Workshop
Social Networking Security WorkshopSocial Networking Security Workshop
Social Networking Security Workshop
 
News Bytes by Jaskaran Narula - Null Meet Bhopal
News Bytes by Jaskaran Narula - Null Meet Bhopal News Bytes by Jaskaran Narula - Null Meet Bhopal
News Bytes by Jaskaran Narula - Null Meet Bhopal
 
The State of Internet Security: Web Attaks Take Over
The State of Internet Security: Web Attaks Take OverThe State of Internet Security: Web Attaks Take Over
The State of Internet Security: Web Attaks Take Over
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
The Dangers of Lapto
The Dangers of LaptoThe Dangers of Lapto
The Dangers of Lapto
 
Indiancybercrimescene
IndiancybercrimesceneIndiancybercrimescene
Indiancybercrimescene
 
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009
Vinoo thomas rahul_mohandas__indian_cybercrime_scene - ClubHack2009
 
Ibm risk management-30min
Ibm risk management-30minIbm risk management-30min
Ibm risk management-30min
 
Exploring machine learning techniques for fake profile detection in online so...
Exploring machine learning techniques for fake profile detection in online so...Exploring machine learning techniques for fake profile detection in online so...
Exploring machine learning techniques for fake profile detection in online so...
 
Web 2.0/Social Networks and Security
Web 2.0/Social Networks and SecurityWeb 2.0/Social Networks and Security
Web 2.0/Social Networks and Security
 
Slidecast ppt
Slidecast pptSlidecast ppt
Slidecast ppt
 
File000145
File000145File000145
File000145
 
Facebook Security Essay - Umut Baris Akkaya
Facebook Security Essay - Umut Baris AkkayaFacebook Security Essay - Umut Baris Akkaya
Facebook Security Essay - Umut Baris Akkaya
 
Newsbytes april2013
Newsbytes april2013Newsbytes april2013
Newsbytes april2013
 
Insecure trends in web technologies 2009
Insecure trends in web technologies 2009Insecure trends in web technologies 2009
Insecure trends in web technologies 2009
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
 
Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...Presentación - Protecting your Employess, Customers, and Investments in the A...
Presentación - Protecting your Employess, Customers, and Investments in the A...
 
Blogging today
Blogging todayBlogging today
Blogging today
 

Mehr von Jonathan LeBlanc

JavaScript App Security: Auth and Identity on the Client
JavaScript App Security: Auth and Identity on the ClientJavaScript App Security: Auth and Identity on the Client
JavaScript App Security: Auth and Identity on the ClientJonathan LeBlanc
 
Improving Developer Onboarding Through Intelligent Data Insights
Improving Developer Onboarding Through Intelligent Data InsightsImproving Developer Onboarding Through Intelligent Data Insights
Improving Developer Onboarding Through Intelligent Data InsightsJonathan LeBlanc
 
Better Data with Machine Learning and Serverless
Better Data with Machine Learning and ServerlessBetter Data with Machine Learning and Serverless
Better Data with Machine Learning and ServerlessJonathan LeBlanc
 
Best Practices for Application Development with Box
Best Practices for Application Development with BoxBest Practices for Application Development with Box
Best Practices for Application Development with BoxJonathan LeBlanc
 
Box Platform Developer Workshop
Box Platform Developer WorkshopBox Platform Developer Workshop
Box Platform Developer WorkshopJonathan LeBlanc
 
Modern Cloud Data Security Practices
Modern Cloud Data Security PracticesModern Cloud Data Security Practices
Modern Cloud Data Security PracticesJonathan LeBlanc
 
Understanding Box UI Elements
Understanding Box UI ElementsUnderstanding Box UI Elements
Understanding Box UI ElementsJonathan LeBlanc
 
Understanding Box applications, tokens, and scoping
Understanding Box applications, tokens, and scopingUnderstanding Box applications, tokens, and scoping
Understanding Box applications, tokens, and scopingJonathan LeBlanc
 
The Future of Online Money: Creating Secure Payments Globally
The Future of Online Money: Creating Secure Payments GloballyThe Future of Online Money: Creating Secure Payments Globally
The Future of Online Money: Creating Secure Payments GloballyJonathan LeBlanc
 
Modern API Security with JSON Web Tokens
Modern API Security with JSON Web TokensModern API Security with JSON Web Tokens
Modern API Security with JSON Web TokensJonathan LeBlanc
 
Creating an In-Aisle Purchasing System from Scratch
Creating an In-Aisle Purchasing System from ScratchCreating an In-Aisle Purchasing System from Scratch
Creating an In-Aisle Purchasing System from ScratchJonathan LeBlanc
 
Secure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaSecure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaJonathan LeBlanc
 
Protecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsProtecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsJonathan LeBlanc
 
Node.js Authentication and Data Security
Node.js Authentication and Data SecurityNode.js Authentication and Data Security
Node.js Authentication and Data SecurityJonathan LeBlanc
 
PHP Identity and Data Security
PHP Identity and Data SecurityPHP Identity and Data Security
PHP Identity and Data SecurityJonathan LeBlanc
 
Secure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaSecure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaJonathan LeBlanc
 
Protecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsProtecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsJonathan LeBlanc
 
Future of Identity, Data, and Wearable Security
Future of Identity, Data, and Wearable SecurityFuture of Identity, Data, and Wearable Security
Future of Identity, Data, and Wearable SecurityJonathan LeBlanc
 

Mehr von Jonathan LeBlanc (20)

JavaScript App Security: Auth and Identity on the Client
JavaScript App Security: Auth and Identity on the ClientJavaScript App Security: Auth and Identity on the Client
JavaScript App Security: Auth and Identity on the Client
 
Improving Developer Onboarding Through Intelligent Data Insights
Improving Developer Onboarding Through Intelligent Data InsightsImproving Developer Onboarding Through Intelligent Data Insights
Improving Developer Onboarding Through Intelligent Data Insights
 
Better Data with Machine Learning and Serverless
Better Data with Machine Learning and ServerlessBetter Data with Machine Learning and Serverless
Better Data with Machine Learning and Serverless
 
Best Practices for Application Development with Box
Best Practices for Application Development with BoxBest Practices for Application Development with Box
Best Practices for Application Development with Box
 
Box Platform Overview
Box Platform OverviewBox Platform Overview
Box Platform Overview
 
Box Platform Developer Workshop
Box Platform Developer WorkshopBox Platform Developer Workshop
Box Platform Developer Workshop
 
Modern Cloud Data Security Practices
Modern Cloud Data Security PracticesModern Cloud Data Security Practices
Modern Cloud Data Security Practices
 
Box Authentication Types
Box Authentication TypesBox Authentication Types
Box Authentication Types
 
Understanding Box UI Elements
Understanding Box UI ElementsUnderstanding Box UI Elements
Understanding Box UI Elements
 
Understanding Box applications, tokens, and scoping
Understanding Box applications, tokens, and scopingUnderstanding Box applications, tokens, and scoping
Understanding Box applications, tokens, and scoping
 
The Future of Online Money: Creating Secure Payments Globally
The Future of Online Money: Creating Secure Payments GloballyThe Future of Online Money: Creating Secure Payments Globally
The Future of Online Money: Creating Secure Payments Globally
 
Modern API Security with JSON Web Tokens
Modern API Security with JSON Web TokensModern API Security with JSON Web Tokens
Modern API Security with JSON Web Tokens
 
Creating an In-Aisle Purchasing System from Scratch
Creating an In-Aisle Purchasing System from ScratchCreating an In-Aisle Purchasing System from Scratch
Creating an In-Aisle Purchasing System from Scratch
 
Secure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaSecure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication Media
 
Protecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsProtecting the Future of Mobile Payments
Protecting the Future of Mobile Payments
 
Node.js Authentication and Data Security
Node.js Authentication and Data SecurityNode.js Authentication and Data Security
Node.js Authentication and Data Security
 
PHP Identity and Data Security
PHP Identity and Data SecurityPHP Identity and Data Security
PHP Identity and Data Security
 
Secure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication MediaSecure Payments Over Mixed Communication Media
Secure Payments Over Mixed Communication Media
 
Protecting the Future of Mobile Payments
Protecting the Future of Mobile PaymentsProtecting the Future of Mobile Payments
Protecting the Future of Mobile Payments
 
Future of Identity, Data, and Wearable Security
Future of Identity, Data, and Wearable SecurityFuture of Identity, Data, and Wearable Security
Future of Identity, Data, and Wearable Security
 

Kürzlich hochgeladen

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 

Kürzlich hochgeladen (20)

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 

Building on Social Application Platforms

  • 1. Building on Social Application PlatformsJonathan LeBlanc – Technology Evangelist Yahoo! Developer Network – Partner Integrations Twitter: @jcleblanc
  • 2. 2 Valuation: $4 Billion (May 2010) Business Insider Sold for between $15 - $25 Million San Francisco Examiner
  • 3. 3
  • 4. 4 RockYou! User Database Hacked “In December 2009, an attacker breached the company's database of usernames and passwords of its 32 million users.” Techweet: http://www.techweet.com Zynga Threatens to Leave Facebook “Zynga was threatening to leave Facebook altogether in the wake of Facebook's requiring exclusive use of Facebook credits for monetization in applications.” TechCrunch: http://www.techcrunch.com Spammers Running Wild In Latest MySpace Phishing Attack “…suggesting that the site has fallen prey to a security exploit that grants spammers access to accounts.” TechCrunch: http://www.techcrunch.com
  • 5. 5
  • 6. 6 Avoiding Disaster with Open Source Accessing the Social Graph Authorizing Application Authenticating Users Securing Third Party Code
  • 7. 7 Accessing the Social Graph
  • 8. 8 Authorization and Authentication
  • 10.
  • 14.

Hinweis der Redaktion

  1. The social graph is the user footprint on the web. We are no longer living in the days when our online and real lives are separate. Developers can leverage off of this data to personalize and target applications for specific users.
  2. Why would you ever want to build an application in such a hostile space? One main reason:When you first deploy your application you have the potential to reach the huge network of users on the existing platform, allowing you to build a user base very quickly – much more so than in traditional software development.
  3. There are generally four layers that developers need to be concerned about when working in this space, all addressed by open source technologies.
  4. OpenSocial is a project which seeks to standardize the approach to accessing user social data on a platform.Shindig is an apache project which allows OpenSocial gadgets (or apps) to render in a container.
  5. OAuth is an open source project which is used to allow users to permission applications to perform actions or capture user data on their behalf. OpenID is a project which is used to take your social identity off the social networks and expose it, using a single sign-on username and password, to third parties.
  6. Traditionally, applications are secured by serving them up within iframes. They are simple to create / maintain and provide full content control for developers. The problem is that they are not secure and allow a host of XSS attacks on a container.Caja, a Google created open project, seeks to sandbox applications on a container to provide a layer of security on the container from applications. It rewrites front-end JavaScript, HTML and CSS to sanitize the code running on a platform and provides a sanitized version of the DOM to the application without allowing it to reach out to the real DOM.
  7. Links to the projects and platforms we talked about during this presentation