Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology

Abstract

The private and public sectors depend heavily upon (IT) systems to perform essential, mission-critical functions. As existing technology evolves and new technologies are introduced to provide improved capabilities and advanced features in systems, new technology-related vulnerabilities often arise. Organizations implementing and using advanced technologies, therefore, must be increasingly on guard. One such category of technologies is active content. Broadly speaking, active content refers to electronic documents that, unlike past character documents based on the American Standard Code for Information Interchange (ASCII) and related character sets, can carry out or trigger actions automatically without an individual directly or knowingly invoking the actions. Therefore, exploits based on vulnerabilities in active content technologies by their very nature can be particularly insidious. The following key guidelines are recommended to Federal departments and agencies for dealing with active content.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 21, 2001
Accession Number
ADA394182

Entities

People

  • Wayne A. Jansen

Organizations

  • Booz Allen Hamilton

Tags

DTIC Thesaurus Topics

  • Application Software
  • Basic Programming Language
  • Computer Network Security
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Electronic Mail
  • Information Systems
  • Network Protocols
  • Operating Systems
  • Security Protocols
  • Software Development
  • Web Browsers
  • Word Processors

Readers

  • Cybersecurity.
  • Defense Technology Research and Development.
  • Systems Analysis and Design

Technology Areas

  • Microelectronics