Mykonos touts security in AJAX

By Jeff Feinman

May 26, 2009 — A new AJAX company is implementing built-in security measures on the server, the transport layer and on the client for every application created.

Executives of startup Mykonos said every that component within the company’s AJAX framework is built to filter user data in order to make AJAX development more secure. This is done, they said, by validating cross-site requests using encrypted tokens, and by using proprietary CAPTCHA codes and authentication screening techniques to prevent automated log-ins.

Mykonos is a framework for building enterprise-class Web applications, and it includes a feature called Visual Builder that allows developers to create screens and workflows. There is a set of components for data transfer that are already encrypted to prevent against SQL injections and other attacks.

The name Mykonos was adopted when company executives were sitting in their Rochester, N.Y. office on a cold, wintry day.

Protected only by office walls from the blistering, snowy weather, one employee looked at a framed picture of the Greek island Mykonos, a landmass known for its sandy beaches and exquisite nightlife. The employee proclaimed he’d much rather be there instead of Rochester. Hence, the idea came about for the company name.

The company is a subsidiary of BlueTie, a software-as-a-service e-mail and collaboration company. Mykonos was split off from BlueTie and launched as a separate unit in late April. It has offices in Rochester and Palo Alto, Calif. It currently has 15 employees.

CEO David Koretz called Mykonos a “framework coupled with a security service."

He continued: "You’ve got a layer of secure components, you’ve got code around your RPC layer, and then you’ve got code around your logging and auditing engine and other things that exist on the client. Mykonos can actually use all this security to upgrade the code itself.”

For instance, if there is a security issue around Firefox, Mykonos can update its components in real time to defend against that, Koretz said.

Mykonos hired developers who didn’t have expertise in browser compatibility and Web application security, Koretz said. This helped create a framework that allows any developer with object-oriented development experience to create Web apps.

“We dramatically reduce the need for people to become JavaScript experts,” Koretz claimed. “Not all developers will become experts in JavaScript, and not all of them will become experts in browser compatibility, and certainly the vast majority of them won’t be experts in security. So we take those big issues off the table.”

Related Search Term(s): AJAX, Mykonos, security

Share this link: http://sdt.bz/33498

Technorati

Digg

Slashdot

Facebook

Friendfeed

Twitter

del.icio.us

Cigital Develops Ready-to-Use Tools for Securing the Smart Grid Cigital Inc. announced the release of the Guide to Developing a Cyber Security and Risk Mitigation Plan.

Department of Homeland Security lays down security suggestions Common Weakness Enumeration version 2.0 highlights flaws in software development practices

Metadata Security for SharePoint Adds Security Permissions Titus Metadata Security for SharePoint allows permissions to be assigned based on the recipient's Active Directory properties

Cigital Develops Ready-to-Use Tools for Securing the Smart Grid
Cigital Inc. announced the release of the Guide to Developing a Cyber Security and Risk Mitigation Plan Read More...