icon-carat-right menu search cmu-wordmark

Results of the Security in ActiveX Workshop

White Paper
In this paper, the authors present a summary of the Security in ActiveX Workshop, which was held in December 2000.
Publisher

Software Engineering Institute

Abstract

The primary goal of the workshop was to identify the situations under which ActiveX and related technologies may be used safely and to produce a paper describing security concerns and configuration guidance.

That goal was achieved, and the result of the workshop, this paper, serves not only to dispel unwarranted myths about the safety of using ActiveX but also to furnish guidance to network administrators and others faced with security issues involving mobile code in general and ActiveX in particular. ActiveX and similar mobile codes provide enhanced usability. The level of enhancement is significant enough for corporate and government users that Internet security policies and procedures should reflect “risk management” rather than “risk avoidance.”