Structure of Internet and Security-III

• Finally we need to secure the client. Here Java is particularly important as it (and JavaScript) are the dominant downloaded programs

• Note clients are typically single user PC’s with NO security and so particularly vulnerable to attack.

• Key difficulty is a bad guy developing a program that when downloaded does something you don’t want

• In real world, we don’t invite arbitrary people into our house -- rather we ask for credentials or believe by context (they are an adult accompanying your child’s friend) that they are safe

• So we need both security in Java to check that code is what it purports to be and steps to establish confidence that what one is downloading is likely to be safe

Previous slide

Next slide

Back to first slide

View graphic version