Architectures for secure portable executable content

The Java programming language supports the concept of downloadable executab le content; a key technology in a wide range of emerging applications inclu ding collaborative systems, electronic commerce, and Web information servic es. Java enables the execution of a program, on almost any modem computer r egardless of hardware configuration and operating system. Safe-Tcl was prop osed as an executable content type of MIME and thus as the standard languag e for executable contents within e-mail messages. However, the ability to d ownload, integrate, and execute code from a remote computer, provided by bo th Java and Safe-Tcl, introduces serious security risks since it enables a malicious remote program to obtain unauthorised access to the downloading s ystem's resources. In this paper, the two proposed security models are desc ribed in detail and the efficiency and flexibility of current implementatio ns are evaluated in a comparative manner. Finally upcoming extensions are d iscussed.