Citation[]
National Institute of Standards and Technology, Guidelines on Active Content and Mobile Code (NIST Special Publication 800-28) (Ver. 2) (Mar. 2008) (full-text).
Overview[]
This document provides an overview of active content and mobile code technologies in use today and offers insights for making informed IT security decisions on their application and treatment. The discussion gives details about the threats, technology risks, and safeguards for end user systems, such as desktops and laptops. Although various end user applications, such as email clients, can involve active content, Web browsers remain the primary vehicle for delivery and are underscored in the discussion. The tenets presented for Web browsers apply equally well to other end user applications and can be inferred directly.