Hack Proofing Your Web Applications

Chapter 3: Understanding the Risks Associated with Mobile Code

Introduction

The Internet can transport more than just data. It can also transport programs designed to provide services; however, the programs need to be delivered in a special way that is simple for the end user. How do you deploy these Web-based programs in order to add dynamic content to the Internet? By using mobile code. Mobile code is code that passes across a network and is executed on a destination machine. The programs that are designed to provide services can be any one of a variety of forms, such as scripts within documents and e-mail, or code objects running within Web pages. Because of the way mobile code is written, the same piece of code can sometimes run on multiple platforms. Mobile code is excellent for distributing applications across networks or the Internet.

While the Internet allows people to access information in a way that was never before possible, it also allows for malicious actions to take place. And, as with almost any technology, there are negative sides to mobile code.

Mobile code is executable code, usually embedded in an HTML document that can be downloaded and run on an end-user s workstation. This very statement should bring about an understanding of just how easy it would be to turn a really great tool into one that can be used maliciously. E-mail is the most prevalent example of an HTML document supporting application, so factor in the threat that mobile code can also be sent within e-mail, and the...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: E-Mail Software
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.