Using Active Content and Mobile Code and Safeguarding the Security of Information Technology Systems

This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of... See full abstract

This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of Booz Allen Hamilton, SP 800-28-2 provides updated information about active content and mobile code technologies, and discusses the components of the IT system s browsers and servers that handle active content. The bulletin covers the threats associated with the use of active content and mobile code, the risks to systems that process active content, and the safeguards that can protect system resources from attacks. The bulletin summarizes NIST s recommendations for managing and improving the security of IT systems when using active content and mobile code.
Hide full abstract