Mashups are around serving useful purposes. The technology isn’t new but came as a very different perspective on information sharing between different stakeholders. Currently the technology is limited to a single user accessing a single mashup site which can connect to multiple backend services.

A relevant security problem is the authentication and authorization issues. Multiple solutions exists such as PermitME OAuth or Google AuthSub. All of these approaches are some now ignoring the fact that a mashup can be connected to another mashup, consequently complicating the issues of authorization.

The approach of PermitMe simply introduces a third party server called Permit Grant Service. However, when we see this in the context of multi mashups, a “n” number of Permit Grant Services are required.