Your SlideShare is downloading. ×
0
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Building on Social Application Platforms
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Building on Social Application Platforms

1,246

Published on

A brief overview of the open source technologies available for building social applications on top of social containers such as YAP, iGoogle, Orkut, MySpace, etc.

A brief overview of the open source technologies available for building social applications on top of social containers such as YAP, iGoogle, Orkut, MySpace, etc.

Published in: Technology
1 Comment
2 Likes
Statistics
Notes
  • Slide Notes

    ---- Slide 1 ----
    Today we will be talking about building social applications on 3rd party containers such as YAP, MySpace, iGoogle, etc. and will review
    An overview of core concepts and players in the space
    Looking at the open source technologies which are used on many social platforms out there.

    ---- Slide 2 ----
    Reviewing two of the major development companies who have built their businesses off of creating social applications within a black box environment:
    Zynga (best known for Mafia Wars and Farmville) was valued by analysts at about $4 billion
    LabPixies (best known for Floodit) is a small startup for Israel who recently sold their business to Google for between $15 - $25 million

    ---- Slide 3 ----
    The social graph is the user footprint on the web. We are no longer living in the days when our online and real lives are separate. Developers can leverage off of this data to personalize and target applications for specific users.

    ---- Slide 4 ----
    Reviewing the challenges in the space:
    Rockyou privacy / security issues
    Facebook / Zynga trying to carve out their piece of the social pie
    Security issues and concerns with platforms themselves

    ---- Slide 5 ----
    Why would you ever want to build an application in such a hostile space? One main reason:

    When you first deploy your application you have the potential to reach the huge network of users on the existing platform, allowing you to build a user base very quickly – much more so than in traditional software development.

    ---- Slide 6 ----
    There are generally four layers that developers need to be concerned about when working in this space, all addressed by open source technologies.

    ---- Slide 7 ----
    OpenSocial is a project which seeks to standardize the approach to accessing user social data on a platform.

    Shindig is an apache project which allows OpenSocial gadgets (or apps) to render in a container.

    ---- Slide 8 ----
    OAuth is an open source project which is used to allow users to permission applications to perform actions or capture user data on their behalf.

    OpenID is a project which is used to take your social identity off the social networks and expose it, using a single sign-on username and password, to third parties.

    ---- Slide 9 ----
    Traditionally, applications are secured by serving them up within iframes. They are simple to create / maintain and provide full content control for developers. The problem is that they are not secure and allow a host of XSS attacks on a container.

    Caja, a Google created open project, seeks to sandbox applications on a container to provide a layer of security on the container from applications. It rewrites front-end JavaScript, HTML and CSS to sanitize the code running on a platform and provides a sanitized version of the DOM to the application without allowing it to reach out to the real DOM.

    ---- Slide 10 ----
    Links to the projects and platforms we talked about during this presentation
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
1,246
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
14
Comments
1
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • The social graph is the user footprint on the web. We are no longer living in the days when our online and real lives are separate. Developers can leverage off of this data to personalize and target applications for specific users.
  • Why would you ever want to build an application in such a hostile space? One main reason:When you first deploy your application you have the potential to reach the huge network of users on the existing platform, allowing you to build a user base very quickly – much more so than in traditional software development.
  • There are generally four layers that developers need to be concerned about when working in this space, all addressed by open source technologies.
  • OpenSocial is a project which seeks to standardize the approach to accessing user social data on a platform.Shindig is an apache project which allows OpenSocial gadgets (or apps) to render in a container.
  • OAuth is an open source project which is used to allow users to permission applications to perform actions or capture user data on their behalf. OpenID is a project which is used to take your social identity off the social networks and expose it, using a single sign-on username and password, to third parties.
  • Traditionally, applications are secured by serving them up within iframes. They are simple to create / maintain and provide full content control for developers. The problem is that they are not secure and allow a host of XSS attacks on a container.Caja, a Google created open project, seeks to sandbox applications on a container to provide a layer of security on the container from applications. It rewrites front-end JavaScript, HTML and CSS to sanitize the code running on a platform and provides a sanitized version of the DOM to the application without allowing it to reach out to the real DOM.
  • Links to the projects and platforms we talked about during this presentation
  • Transcript

    • 1. Building on Social Application PlatformsJonathan LeBlanc – Technology Evangelist
      Yahoo! Developer Network – Partner Integrations
      Twitter: @jcleblanc
    • 2. 2
      Valuation: $4 Billion (May 2010)
      Business Insider
      Sold for between $15 - $25 Million
      San Francisco Examiner
    • 3. 3
    • 4. 4
      RockYou! User Database Hacked
      “In December 2009, an attacker breached the company's database of usernames and passwords of its 32 million users.”
      Techweet: http://www.techweet.com
      Zynga Threatens to Leave Facebook
      “Zynga was threatening to leave Facebook altogether in the wake of Facebook's requiring exclusive use of Facebook credits for monetization in applications.”
      TechCrunch: http://www.techcrunch.com
      Spammers Running Wild In Latest MySpace Phishing Attack
      “…suggesting that the site has fallen prey to a security exploit that grants spammers access to accounts.”
      TechCrunch: http://www.techcrunch.com
    • 5. 5
    • 6. 6
      Avoiding Disaster with Open Source
      Accessing the Social Graph
      Authorizing Application
      Authenticating Users
      Securing Third Party Code
    • 7. 7
      Accessing the Social Graph
    • 8. 8
      Authorization and Authentication
    • 9. 9
      Front-End Security
    • 10. 10
      Thank you
      Read More Links
      • OpenSocial: http://www.opensocial.org/
      • 11. Shindig: http://shindig.apache.org/
      • 12. OAuth: http://oauth.net/
      • 13. OpenID: http://openid.net/
      • 14. Caja: http://code.google.com/p/google-caja/
      Yahoo! Container Links
      • Yahoo! Application Platform: http://developer.yahoo.com/yap

    ×