Architectures for secure portable executable content-Reference-Cited by-同舟云学术

Architectures for secure portable executable content

Published:1999-03-01 Issue:1 Volume:9 Page:16-24
ISSN:1066-2243
Container-title:Internet Research
language:en
Short-container-title:

Author:

Gritzalis Stefanos,Aggelis George,Spinellis Diomidis

Abstract

The Java programming language supports the concept of downloadable executable content; a key technology in a wide range of emerging applications including collaborative systems, electronic commerce, and Web information services. Java enables the execution of a program, on almost any modern computer regardless of hardware configuration and operating system. Safe‐Tcl was proposed as an executable content type of MIME and thus as the standard language for executable contents within e‐mail messages. However, the ability to download, integrate, and execute code from a remote computer, provided by both Java and Safe‐Tcl, introduces serious security risks since it enables a malicious remote program to obtain unauthorised access to the downloading system’s resources. In this paper, the two proposed security models are described in detail and the efficiency and flexibility of current implementations are evaluated in a comparative manner. Finally, upcoming extensions are discussed.

Publisher

Emerald

Subject

Economics and Econometrics,Sociology and Political Science,Communication

Reference16 articles.

1. Gong, L., Mueller, M., Prafullchandra, H. and Schemers, R. (1997, “Going beyond the sandbox: an overview of the new security architecture in the Java Development Kit 1.2”, Proceedings of the USENIX Symposium on Internet Technologies and Systems, USENIX Association, Monterey, CA, pp. 103‐12.

2. Gong, L. and Scemers, R. (1998, “Implementing protection domains in the Java Development Kit 1.2”, Proceedings of the Symposium on Network and Distributed System Security, online, http://isoc/NDSS98/

3. Gritzalis, D. (1991, Information Systems Security, GCS Publications, Athens.

4. Lindhorn, T., and Yellin, F. (1997, The Java Virtual Machine Specification, Addison‐Wesley, Reading, MA and Wokingham.

5. McGraw, G. and Felten, E. (1996, Java Security Hostile Applets, Holes and Antidotes, J. Wiley & Sons Inc., New York, NY.

Cited by 6 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Secure Java Development with UML;IFIP Advances in Information and Communication Technology;2002

2. PyTHIA: Towards Anonymity in Authentication;IFIP Advances in Information and Communication Technology;2001

3. Issues with information dissemination on global networks;Information Management & Computer Security;2000-12

4. Smart card technology for deploying a secure information management framework;Information Management & Computer Security;2000-10-01

5. Security requirements, risks and recommendations for small enterprise and home‐office environments;Information Management & Computer Security;1999-08-01