Mashups are powerful applications created from accessing and composing multiple and distributed information sources. Their ease-of-use and modularity allow users at any skill level to construct, share and integrate their own applications. However, data security concerns remain a hindering factor in its widespread adoption, in particular, for network management. In this paper, we propose a novel development methodology and system architecture called Maestro that allows developers to express their data privacy concerns and enforce policies during mashup executions. We evaluated Maestro by building two mashup applications for managing live networks and by running performance tests that show that our runtime has negligible overhead. © 2011 IEEE.