Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Using Active Content and Mobile Code and Safeguarding the Security of Information Technology (IT) Systems



Shirley M. Radack


This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of Booz Allen Hamilton, SP 800-28-2 provides updated information about active content and mobile code technologies, and discusses the components of the IT system s browsers and servers that handle active content. The bulletin covers the threats associated with the use of active content and mobile code, the risks to systems that process active content, and the safeguards that can protect system resources from attacks. The bulletin summarizes NIST s recommendations for managing and improving the security of IT systems when using active content and mobile code.
ITL Bulletin -


Active content, computer system security, information systems security, information technology, mobile code, risk management, security controls, security threats, security vulnerabilities


Radack, S. (2008), Using Active Content and Mobile Code and Safeguarding the Security of Information Technology (IT) Systems, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed June 21, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created April 24, 2008, Updated February 19, 2017