|
Finally we need to secure the client. Here Java is particularly important as it (and JavaScript) are the dominant downloaded programs
|
|
Note clients are typically single user PC's with NO security and so particularly vulnerable to attack.
|
|
Key difficulty is a bad guy developing a program that when downloaded does something you don't want
|
|
In real world, we don't invite arbitrary people into our house -- rather we ask for credentials or believe by context (they are an adult accompanying your child's friend) that they are safe
|
|
So we need both security in Java to check that code is what it purports to be and steps to establish confidence that what one is downloading is likely to be safe
|
