An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The private and public sectors depend heavily upon information technology (IT) systems to perform essential, mission-critical functions. As technology improves to provide new capabilities and features, new vulnerabilities are often introduced as well. Organizations implementing and using advanced technologies, therefore, must be increasingly on guard. One such emerging technology is active content. Although the term has different connotations among individuals, we use it here in its broadest sense to refer to electronic documents that, unlike ASCII character documents of the past, can carry out or trigger actions automatically without the intervention of a user. Examples of active content include PostScript documents, Java applets, JavaScript, word processing macros, spreadsheet formulas, and executable electronic mail attachments. Taken to its extreme, active content becomes, in effect, a delivery mechanism for mobile code. The purpose of this paper is to provide an overview of this topic and its underlying technologies, so that the reader becomes aware of the associated security risks and can make an informed IT security decision on its application. We review real-world examples involving commonly available products and development tools to increase the understanding and awareness of the risks involved.
Conference Dates
June 11-15, 2001
Conference Location
Ottawa, CA
Conference Title
Canadian Information Technology Security Symposium
Pub Type
Conferences
Keywords
active content, malicious software, mobile code
Citation
Jansen, W.
(2001),
Taming Active Content, Canadian Information Technology Security Symposium, Ottawa, CA
(Accessed October 9, 2024)