Towards Security-Enhanced and Privacy-Preserving Mashup Compositions

  • Heidelinde Hobel
  • Johannes Heurix
  • Amin Anjomshoaa
  • Edgar Weippl
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 405)


In recent years, there has been an emerging trend towards people building their own sophisticated applications to automate their daily tasks without specialized programming knowledge. Enterprise mash-ups facilitate end users’ development of applications in a business context autonomously or with minimal support from the software engineering staff. Hence, mashup solutions are aimed at exploiting the full potential of end users’ software development. However, the use of mashup solutions for business tasks gives rise to several security and privacy-related questions, since sensitive data records could be created even with simple procedures. In this paper, we propose an approach where security rules for mashup compositions can be defined, and submitted mashups are automatically evaluated for compliance with the respective policies.


Enterprise Mashups Semantics Security Privacy Usability 


  1. 1.
    Murugesan, S.: Understanding Web 2.0. IT Professional 9(4), 34–41 (2007)CrossRefGoogle Scholar
  2. 2.
    Hoyer, V., Stanoevska-Slabeva, K.: The changing role of IT departments in enterprise mashup environments. In: Feuerlicht, G., Lamersdorf, W. (eds.) ICSOC 2008. LNCS, vol. 5472, pp. 148–154. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    JackBe - Presto Mashup Composers,
  4. 4.
  5. 5.
    Google Blockly - A visual programming editor,
  6. 6.
    Hoyer, V., Stanoesvka-Slabeva, K., Janner, T., Schroth, C.: Enterprise mashups: Design principles towards the long tail of user needs. In: IEEE International Conference on Services Computing, SCC 2008, vol. 2, pp. 601–602 (2008)Google Scholar
  7. 7.
    Anjomshoaa, A., Bader, G., Tjoa, A.M.: Exploiting Mashup Architecture in Business Use Cases. In: 2009 International Conference on Network-Based Information Systems, pp. xx–xxvii. IEEE (2009)Google Scholar
  8. 8.
    Ogrinz, M.: Mashup Patterns: Designs and Examples for the Modern Enterprise, 1st edn. Addison-Wesley Professional (2009)Google Scholar
  9. 9.
    Bader, G., Anjomshoaa, A., Tjoa, A.M.: Privacy Aspects of Mashup Architecture. In: Proceedings of the 2010 IEEE Second International Conference on Social Computing, pp. 1141–1146. IEEE Computer Society (2010)Google Scholar
  10. 10.
  11. 11.
    Pellet: OWL 2 Reasoner for Java,
  12. 12.
    Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: A survey of recent developments. ACM Comput. Surv., 14:1–14:53 (June 2010)Google Scholar
  13. 13.
    Open Mashup Alliance (OMA) - EMML Documentation,
  14. 14.
  15. 15.
    Bertino, E., Sandhu, R.: Database security - concepts, approaches, and challenges. IEEE Transactions on Dependable and Secure Computing 2(1), 2–19 (2005)CrossRefGoogle Scholar
  16. 16.
    Pahlke, I., Beck, R., Wolf, M.: Enterprise Mashup Systems as Platform for Situational Applications. Business Information Systems Engineering, 305–315 (2010)Google Scholar
  17. 17.
    Hoyer, V., Fischer, M.: Market Overview of Enterprise Mashup Tools. In: Bouguettaya, A., Krueger, I., Margaria, T. (eds.) ICSOC 2008. LNCS, vol. 5364, pp. 708–721. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Zou, J., Pavlovski, C.J.: Towards Accountable Enterprise Mashup Services. In: Proceedings of the IEEE International Conference on e-Business Engineering, ICEBE 2007, pp. 205–212. IEEE Computer Society, Washington, DC (2007)Google Scholar
  19. 19.
    Barhamgi, M., Benslimane, D., Ghedira, C., Gancarski, A.: Privacy-preserving data mashup. In: 2011 IEEE International Conference on Advanced Information Networking and Applications (AINA), pp. 467–474 (2011)Google Scholar
  20. 20.
    Beckman, B.: Why LINQ Matters: Cloud Composability Guaranteed. Queue 10, 20:20–20:31 (2012)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • Heidelinde Hobel
    • 1
  • Johannes Heurix
    • 2
  • Amin Anjomshoaa
    • 2
  • Edgar Weippl
    • 1
  1. 1.SBA ResearchViennaAustria
  2. 2.Institute of Software Technology and Interactive SystemsVienna University of TechnologyAustria

Personalised recommendations