The Java programming language supports the concept of downloadable executable content; a key technology in a wide range of emerging applications including collaborative systems, electronic commerce, and Web information services. Java enables the execution of a program, on almost any modern computer regardless of hardware configuration and operating system. Safe‐Tcl was proposed as an executable content type of MIME and thus as the standard language for executable contents within e‐mail messages. However, the ability to download, integrate, and execute code from a remote computer, provided by both Java and Safe‐Tcl, introduces serious security risks since it enables a malicious remote program to obtain unauthorised access to the downloading system’s resources. In this paper, the two proposed security models are described in detail and the efficiency and flexibility of current implementations are evaluated in a comparative manner. Finally, upcoming extensions are discussed.
MCB UP Ltd
Copyright © 1999, MCB UP Limited