Developer's Guide to Web Application Security

The Internet can transport more than just data. It can also transport programs designed to provide services; however, those programs need to be delivered in a way that is simple for the end user. How do you deploy these Web-based programs to add dynamic content to the Internet? By using mobile code. Mobile code passes across a network and is executed on the destination machine. The programs designed to provide services can take a variety of forms, such as scripts within documents and e-mail, or code objects running within Web pages. Because of the way mobile code is written, the same piece of code can sometimes run on multiple platforms. Mobile code is excellent for distributing applications across networks or the Internet. While the Internet allows people to access information in a way never before possible, it also allows malicious actions to take place. And, as with almost any technology, there is a negative side to mobile code.
Mobile code is executable code, usually embedded in an HTML document, that can be downloaded and run on an end user's workstation. That statement alone should make clear how easy it would be to turn a great tool into one that can be used maliciously. E-mail clients are the most prevalent example of applications that render HTML documents, so factor in the threat that mobile code can also be sent within e-mail, and the potential to target an individual becomes apparent.
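Because an HTML document (including an HTML e-mail body) can carry executable content, a first defensive step is to be able to recognise where such content sits in the markup. The scanner below is an added example written for this guide, not code from the book or from any product it discusses; the sample e-mail bodies are constructed, and the element and attribute lists are assumptions chosen to cover the common carriers of mobile code (script elements, object/embed/applet/iframe elements, inline `on*` event handlers, and `javascript:`/`vbscript:` URLs). It uses only Python's standard-library `html.parser`.

```python
from html.parser import HTMLParser

# Constructed sample HTML e-mail bodies (not taken from the book).
SAMPLES = {
    "plain_newsletter": (
        "<html><body><p>Hello</p>"
        "<a href='https://example.com/news'>Read more</a></body></html>"
    ),
    "inline_script": "<html><body><script>doSomething()</script></body></html>",
    "event_handler": "<html><body><img src='x.png' onload='run()'></body></html>",
    "js_url": "<html><body><a href='javascript:void(0)'>click</a></body></html>",
    "object_embed": "<html><body><object data='thing.swf'></object></body></html>",
}

# Assumed lists: elements that load or run code, and attributes that carry URLs.
ACTIVE_TAGS = {"script", "object", "embed", "applet", "iframe"}
URL_ATTRS = {"href", "src", "action", "data"}
SCRIPT_SCHEMES = {"javascript", "vbscript"}


class MobileCodeScanner(HTMLParser):
    """Collects a list of findings describing where the markup could execute code."""

    def __init__(self):
        super().__init__()
        self.findings = []

    # html.parser lowercases tag and attribute names before calling this hook;
    # self-closing tags (<img ... />) also arrive here via handle_startendtag.
    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append(f"active element <{tag}>")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"inline event handler {name} on <{tag}>")
            if name in URL_ATTRS and value:
                # Take the URL scheme (text before the first ':'). This is a
                # plain string check; a hardened sanitizer would also normalise
                # whitespace, entities and case inside the scheme.
                scheme = value.strip().lower().split(":", 1)[0]
                if scheme in SCRIPT_SCHEMES:
                    self.findings.append(f"{scheme}: URL in {name} on <{tag}>")


def scan(html_body):
    """Return the list of mobile-code indicators found in one HTML document."""
    parser = MobileCodeScanner()
    parser.feed(html_body)
    parser.close()
    return parser.findings


def scan_all(samples):
    """Scan several bodies and return {name: findings} for triage or logging."""
    return {name: scan(body) for name, body in samples.items()}


if __name__ == "__main__":
    for name, findings in scan_all(SAMPLES).items():
        status = "CLEAN" if not findings else "REVIEW"
        print(f"{name:16s} {status:6s} {findings}")
```

Run it as a script to see which constructed messages are flagged; in practice the `scan` function would sit in a mail-gateway or content-filter pipeline, and a non-empty findings list is a signal to quarantine or strip the active content rather than deliver it. The check is deliberately a triage heuristic: it tells a defender where executable content is, and is not a substitute for a real HTML sanitizer.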
As you can imagine,...