Well, AJAX is simply a way of encoding Javascript and XML. So most security issues that will come about are through the Javascript and the XML used....... The popularity of AJAX comes largely from, or at least I feel, the growing power of Javascript, but AJAX isn't a technology rather a design so it is hard to get at what you are asking. Are you asking about the design of AJAX being secure? From my understanding, that is like asking if asynchronous I/O is secure which doesn't really make too much since because the answer is due to the implementation. So I guess my answer will have to be the same, AJAX's security depends on the implementation of it. If you feel like I didn't understand your question, then please clarify.