Friday, August 30, 2013

The Dangers of Mobile Code

Because of the universal use of e-mail and the World Wide Web, it is impossible for any security administrator to guarantee that no malicious external files, programs or data will reach the internal network. The primary culprits for web-based intrusions are applications built with Java and ActiveX. These let Web sites embed programs that users run on their own computers; in other words, remotely compiled programs are executed locally. It is not surprising that one should be rather nervous about executing untrusted code on one’s private network or machine.

Java
Java is a high-level, object-oriented, general-purpose programming language that took the Internet by storm because it was one of the first technologies that could animate Web pages and make them interactive. Designed by Sun Microsystems in 1990, it is similar to C++ but eliminates many language features that cause common programming errors. Java source code files (files with a .java extension) are compiled into a format called bytecode (files with a .class extension), which a Java interpreter then executes. Java can be used to develop complete applications, called Java applets, which can perform a variety of tasks from the same Web page:
  • Animations.
  • Games.
  • Charts.
  • Interactive programs.

Let us see how this works in a Web browser on a desktop computer. References to Java software are embedded in a web page, which can be stored on a local disk or on the network. When the browser encounters these references, it performs the following procedure:
  • The Java software, i.e. the applet, is loaded.
  • The applet is then processed by the Java Virtual Machine (JVM), which is built into the browser.
  • The JVM performs stringent security checks on the applet before running it.
  • The JVM runs the applet, which appears and interoperates inside the browser.
  • The computer's operating system provides machine-specific support for many of the actual operations and interactions.
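The first of the JVM's checks is structural: before any bytecode is verified or run, the loaded .class bytes must be a well-formed class file, and anything malformed is refused outright. The parser below, added here as an illustration and not code from the original post, reads the class-file header and constant pool the way a loader does (magic number, version, tagged constant-pool entries, and the class and superclass names resolved through the pool) and rejects bad magic, truncation, unknown tags or dangling indices; the sample bytes are a constructed minimal class, and the tag-size table is taken from the JVM class-file specification.

```python
import struct

FIXED_SIZES = {3: 4, 4: 4, 5: 8, 6: 8, 7: 2, 8: 2, 9: 4, 10: 4, 11: 4,
               12: 4, 15: 3, 16: 2, 18: 4}  # bytes per fixed-width tag (JVM spec); tag 1 Utf8 is variable

def parse_class(data: bytes) -> dict:
    """Parse a .class header and constant pool, refusing anything malformed."""
    off = 0
    def take(n):  # read n bytes at the cursor; a short read is an error, never silent
        nonlocal off
        chunk, off = data[off:off + n], off + n
        if len(chunk) != n:
            raise ValueError(f"truncated class file at offset {off - n}")
        return chunk
    if take(4) != b"\xca\xfe\xba\xbe":
        raise ValueError("not a Java class file (bad magic)")
    minor, major, cp_count = struct.unpack(">HHH", take(6))
    pool, i = [None], 1  # the constant pool is 1-indexed; slot 0 is unused
    while i < cp_count:
        tag = take(1)[0]
        if tag == 1:  # CONSTANT_Utf8: u2 length, then that many bytes
            pool.append((tag, take(struct.unpack(">H", take(2))[0]).decode("utf-8")))
        elif tag in FIXED_SIZES:
            pool.append((tag, take(FIXED_SIZES[tag])))
        else:
            raise ValueError(f"unknown constant pool tag {tag}")
        pool.extend([None] * (tag in (5, 6)))  # Long and Double occupy two slots
        i += 1 + (tag in (5, 6))
    access, this_idx, super_idx = struct.unpack(">HHH", take(6))
    def const(idx, tag):  # fetch pool entry idx, insisting on the expected tag
        entry = pool[idx] if 0 < idx < len(pool) else None
        if entry is None or entry[0] != tag:
            raise ValueError(f"constant #{idx} is not tag {tag}")
        return entry[1]
    def class_name(idx):  # CONSTANT_Class -> CONSTANT_Utf8 -> str (0 only for Object)
        return None if idx == 0 else const(struct.unpack(">H", const(idx, 7))[0], 1)
    return {"version": (major, minor), "access_flags": access,
            "this_class": class_name(this_idx), "super_class": class_name(super_idx)}

def rejects(data: bytes) -> bool:  # True when a loader would refuse the file outright
    try:
        return parse_class(data) is None  # a clean parse never returns None
    except ValueError:
        return True

# Constructed sample: the header of "public class Hello extends java.lang.Object"
SAMPLE = (b"\xca\xfe\xba\xbe\x00\x00\x00\x31\x00\x05"        # magic, version 49.0, cp_count 5
          + b"\x07\x00\x02\x01\x00\x05Hello"                 # #1 Class -> #2, #2 Utf8 "Hello"
          + b"\x07\x00\x04\x01\x00\x10java/lang/Object"      # #3 Class -> #4, #4 Utf8
          + b"\x00\x21\x00\x01\x00\x03" + b"\x00\x00" * 4)   # flags, this=#1, super=#3, four zero counts
```

A real loader goes on to parse fields, methods and attributes and then runs the bytecode verifier; this block stops after the header, which is already enough to turn a corrupted or hostile download away before it reaches the sandbox.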