Architectures for secure portable executable content

Stefanos Gritzalis, George Aggelis, Diomidis Spinellis
1999 Internet Research  
The Java programming language supports the concept of downloadable executable content; a key technology in a wide range of emerging applications including collaborative systems, electronic commerce, and Web information services. Java enables the execution of a program, on almost any modern computer regardless of hardware configuration and operating system. Safe-Tcl was proposed as an executable content type of MIME and thus as the standard language for executable contents within e-mail
more » ... However, the ability to download, integrate, and execute code from a remote computer, provided by both Java and Safe-Tcl, introduces serious security risks since it enables a malicious remote program to obtain unauthorised access to the downloading system's resources. In this paper, the two proposed security models are described in detail and the efficiency and flexibility of current implementations are evaluated in a comparative manner. Finally, upcoming extensions are discussed.
doi:10.1108/10662249910251273 fatcat:3526qdymzbesvgwlknvjnlcpxy