SecurityArena

Guide to Practical Info Security!

CBK Applications and Systems Development Security (Part-2)
Written by Administrator   
Friday, 10 July 2009 13:53

Mobile Code

Code that can be transmitted across a network, to be executed by a system or device on the other end, is called mobile code. There are many legitimate reasons to allow mobile code; for example, web browser applets that may execute in the background to download additional content for the web page, such as music or a video image.
Caution is warranted when a web site downloads code intended to perform malicious or compromising actions, especially when the recipient is unaware that the compromising activity is taking place. If a web site is compromised, it can be used as a platform from which to launch attacks against anyone who visits the site, even if they are only browsing. In a web browser, setting the security level to high, or disallowing various scripting or active web components, may be an appropriate countermeasure. Java applets and ActiveX are examples of mobile code.

ActiveX

ActiveX components can run on any platform that supports DCOM (using the COM model) or that communicates using DCOM services.

Enterprise JavaBeans

Java is platform independent because it is compiled to bytecode rather than to processor-specific machine code. The JVM translates the bytecode into machine code for the specific computer system it runs on.
Enterprise JavaBeans (EJB) is a structural design for the development and implementation of distributed applications written in Java. EJB provides interfaces and methods to allow different applications to be able to communicate across a networked environment. Java is also compatible with CORBA.

Java Security

Java applets use a security scheme that employs a sandbox to limit the applet’s access to certain specific areas within the user’s system and protects the system from malicious or poorly written applets. The applet is supposed to run only within the sandbox. The sandbox restricts the applet’s environment by restricting access to a user’s hard drives and system resources. If the applet does not go outside the sandbox, it is considered safe.

Browser Settings

Java applets and the actions that they perform can be prevented and controlled by specific browser settings. These settings do not affect full-fledged Java applications running outside of the browser.
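
The sandbox described under Java Security above, as an added example (not code from the original article): a simplified security manager denies local file access, and denies removal of the manager itself, while applet-style code runs. `SandboxDemo`, `AppletSandbox`, `tryRead` and `tryEscape` are hypothetical names; the example assumes JDK 17 or earlier, because `System.setSecurityManager` is disabled by default from JDK 18 and the Security Manager is permanently disabled from JDK 24.

```java
import java.io.*;
import java.security.Permission;

public class SandboxDemo {
    // Simplified stand-in for a browser's applet security manager (hypothetical name).
    // A real JVM decides by the origin of the calling code; this demo uses a flag.
    static final class AppletSandbox extends SecurityManager {
        volatile boolean appletRunning;
        @Override
        public void checkPermission(Permission perm) {
            if (!appletRunning) return;                    // host code is unrestricted
            if (perm instanceof FilePermission)            // hard drive access
                throw new SecurityException("sandbox: file access denied");
            if (perm instanceof RuntimePermission && "setSecurityManager".equals(perm.getName()))
                throw new SecurityException("sandbox: cannot replace the security manager");
        }
    }

    // Stand-in for downloaded applet code (hypothetical): open a local file ...
    static String tryRead(String path) {
        try (FileInputStream in = new FileInputStream(path)) {
            return "allowed";
        } catch (SecurityException e) {
            return "blocked";
        } catch (IOException e) {
            return "I/O error";
        }
    }

    // ... and try to step outside the sandbox by removing the security manager.
    static String tryEscape() {
        try {
            System.setSecurityManager(null);
            return "allowed";
        } catch (SecurityException e) {
            return "blocked";
        }
    }

    public static void main(String[] args) throws IOException {
        File sample = File.createTempFile("sandbox-demo", ".txt"); // constructed sample file
        sample.deleteOnExit();
        System.out.println("no sandbox:   read " + tryRead(sample.getPath()));
        AppletSandbox sandbox = new AppletSandbox();
        System.setSecurityManager(sandbox);                // assumes JDK 17 or earlier
        sandbox.appletRunning = true;
        String read = tryRead(sample.getPath()), escape = tryEscape();
        sandbox.appletRunning = false;
        System.out.println("with sandbox: read " + read + ", remove sandbox " + escape);
    }
}
```

On JDK 18 to 23 the same program runs only when started with `-Djava.security.manager=allow`.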



Last Updated on Friday, 28 August 2009 05:04