This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of Booz Allen Hamilton, SP 800-28-2 provides updated information about active content and mobile code technologies, and discusses the components of the IT system s browsers and servers that handle active content. The bulletin covers the threats associated with the use of active content and mobile code, the risks to systems that process active content, and the safeguards that can protect system resources from attacks. The bulletin summarizes NIST s recommendations for managing and improving the security of IT systems when using active content and mobile code.
This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of...
See full abstract
This bulletin summarizes information disseminated in revised NIST Special Publication (SP) 800-28-2, Guidelines on Active Content and Mobile Code: Recommendations of the National Institute of Standards and Technology. Written by Wayne A. Jansen and Karen Scarfone of NIST and by Theodore Winograd of Booz Allen Hamilton, SP 800-28-2 provides updated information about active content and mobile code technologies, and discusses the components of the IT system s browsers and servers that handle active content. The bulletin covers the threats associated with the use of active content and mobile code, the risks to systems that process active content, and the safeguards that can protect system resources from attacks. The bulletin summarizes NIST s recommendations for managing and improving the security of IT systems when using active content and mobile code.
Hide full abstract
Keywords
Active content; computer system security; information systems security; information technology; mobile code; risk management; security controls; security threats; security vulnerabilities;
