The most striking technology application in this century is the impact of web on the human life. The current period has witnessed the increased use of web to a greater extent and the Web 2.0 has made the cyberspace as the global information space. Web 2.0 is a collection of technologies and services that allow increased user-creator interaction, content syndication, advancements in web-based user interfaces, which ultimately lead to the creation of an entirely new application platform.

Web applications are the most vulnerable elements of an organization’s IT infrastructure today. An increasing number of organizations (both for-profit and not-for-profit) depend on Internet-based applications that leverage the power of AJAX. As this group of technologies becomes more complex to allow the depth and functionality discussed, and, if organizations do not secure their web applications, then security risks will only increase. The most striking features of web 2.0 are its ability in harnessing collective intelligence and bringing rich users participation. The web 2.0 has rich applications with features such as user interaction, knowledge transfer and sharing and end user as well as source collaboration. The AJAX technology is used in many synchronous environments ranging from learning to many other purposes and their potential as well as implications are addressed in many studies.

The basic strength of the present web services environment is the Rich Internet Application is because of the deployment of JAVA script and DHTML for gaining interactivity in web pages. The fuse of many interrelated technologies has made the AJAX, (the Asynchronous JavaScript) to provide the avenues for increasing user participation. As the AJAX is the basic component of Web 2.0, it becomes the vulnerable for attacks also. It has been observed in many applications that most of the Ajax toolkits have been found vulnerable that leads to JavaScript hijacking; JavaScript Hijacking allows an unauthorized attacker to read sensitive data from a vulnerable application using a technique similar to the one commonly used to create mashups.

The resources and tools on Web Services Threats and Vulnerabilities focused on the news, white papers and other media in the recent past addressing many issues. The studies and prototypes are initiated with large scale experiments and implemented in practice; still the threats are increasing in many dimensions.

Download pdf The impact of AJAX Vulnerability in Web 2.0 Applications