Corporate security policies that block network executables adversely affect the evolution of the Internet, extranet, and intranet. More than 80% of new network computing initiatives require technologies that push both data and code between remote servers and local clients. The benefits of distributed sub-programs and routines are lost if Java applets, ActiveX controls and other mobile code are diverted or prevented from reaching the browser. While no security implementation is absolute, functionality is not achieved by disconnecting users from the network and preventing access to programs. Allowing untrusted code to execute on the corporate network may not be suitable for your organization. Are alternatives available?
This session will address both the current and historical security issues associated with the adoption and implementation of mobile code; outline the risks of executable content within the context of new client-server computing; describe the Java security and author and capability signing models; provide basic guidance for using mobile code on the corporate network; and provide a roadmap for mobile code deployment. Several high-profile security threats will be examined and available mobile code security solutions will be reviewed.
In this session we will:
Ron Moritz, Mobile Code: Enterprise Security Issues and Solutions
Gates 498, 1/19/1999, 4:15 PM