Through IBM's SMash (secure mashup) technology, streams of information from different sources can communicate with each other, but the sources are kept separate to prevent the spread of malicious code. SMash keeps code and data from each of the sources separated while allowing controlled sharing of data through a secure communication channel.
Mashups are defined by IBM as web applications that pull information from multiple sources such as websites, databases and email to present a single view. But mashups have been beset by security risks, IBM says.
"What we were striving for was to have [mashups] interact with other information on a page in a secure manner," says David Boloker, CTO of emerging internet technologies in the IBM software group.
SMash prevents information from one domain trying to access information on the page, Boloker says. But developers can allow access if they choose.
"[It] allows you to communicate with other parts of your web page in a secure manner," he says.
The technology is to become part of OpenAjax Hub 1.1, which goes to general release in June, Boloker says.
Forrester analyst Jeffrey Hammond says "I think SMash could potentially address a need in the AJAX market — namely, enabling safer client-side cross-domain access to multiple sites.
"This client-side cross-domain access pattern is becoming increasingly popular when developers want to mix in technology from multiple sites, but don't feel comfortable importing that code into their server domains."
Building on top of OpenAjax Hub is a strength of SMash, Hammond says.