Thursday, September 06, 2007

NIST Issues New Computer Security Guidelines for Active Content

William Jackson writes on GCN.com:

The National Institute of Standards and Technology has updated its security guidelines for dealing with active content, providing an overview for active content and mobile code in use today and laying out a framework for making security decisions about its use within an organization.

A draft of Special Publication 800-28 Revision 2 [.pdf], titled “Guidelines on Active Content and Mobile Code,” has been released for public comment.

Incorporating active content such as Java applets, JavaScript and other scripts, and macros can add to the functionality of documents, e-mails, Web pages and files in a wide variety of formats, but NIST calls their security vulnerabilities “insidious.” The expanding use of these technologies is becoming common in a range of products and services, on desktop computers, servers and gateway devices.

More here.

0 Comments:

Post a Comment

<< Home