Literature Database Entry


Benjamin Stritter, Felix C. Freiling, Hartmut König, Rene Rietz, Steffen Ullrich, Alexander von Gernler, Felix Erlacher and Falko Dressler, "Cleaning up Web 2.0's Security Mess - at Least Partly," IEEE Security & Privacy, vol. 14 (2), pp. 48–57, March 2016.


Everybody loves the new Web 2.0 applications. They are easy to use, fast, and can be accessed from any computer or smartphones without installation. They allow us to easily communicate and share data with each other, make shopping simple, and give us access to vast amount of information. However, Web 2.0 is also frequently mentioned in the news in connection with novel exploits, data leaks, or identity theft. Active content, tight integration, and the overall complexity of the continuously evolving Web 2.0 technology creates new risks which we can hardly grasp. Turning back is no solution, since we would lose many beloved features. But how can we get both - pleasant user experience and security - in such a messy place such as the current Web 2.0 represents? We study the complex security situation and attack surface of Web 2.0 applications and attempt to give a brief tour through this zoo, focusing on already existing applications. We particularly outline open research challenges in this field and give recommendations how to approach these issues.

Quick access

Original Version DOI (at publishers web site)
Authors' Version PDF (PDF on this web site)
BibTeX BibTeX


Benjamin Stritter
Felix C. Freiling
Hartmut König
Rene Rietz
Steffen Ullrich
Alexander von Gernler
Felix Erlacher
Falko Dressler

BibTeX reference

    author = {Stritter, Benjamin and Freiling, Felix C. and K{\"{o}}nig, Hartmut and Rietz, Rene and Ullrich, Steffen and von Gernler, Alexander and Erlacher, Felix and Dressler, Falko},
    doi = {10.1109/MSP.2016.31},
    title = {{Cleaning up Web 2.0's Security Mess - at Least Partly}},
    pages = {48--57},
    journal = {IEEE Security \& Privacy},
    issn = {1540-7993},
    publisher = {IEEE},
    month = {3},
    number = {2},
    volume = {14},
    year = {2016},

Copyright notice

Links to final or draft versions of papers are presented here to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or distributed for commercial purposes without the explicit permission of the copyright holder.

The following applies to all papers listed above that have IEEE copyrights: Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

The following applies to all papers listed above that are in submission to IEEE conference/workshop proceedings or journals: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

The following applies to all papers listed above that have ACM copyrights: ACM COPYRIGHT NOTICE. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or

The following applies to all SpringerLink papers listed above that have Springer Science+Business Media copyrights: The original publication is available at

This page was automatically generated using BibDB and bib2web.