Information security with specific reference to browser technology

M.Comm.The present study was undertaken in the realm of the Internet working environment, with its focus on measures by which to secure executable code in the Web-browsing environment. The principal aim of this study was to highlight the potential security risks that could be incurred while a user is browsing the World Wide Web. As a secondary objective, the researcher hoped, by means of a prototype and the process of real-time risk analyses, to alert the general Internet user population to these risks. The main objective of the prototype was to provide a framework within which users could be warned of potentially dangerous actions effected by executing code in their browsing environments in real time. Following, an overview of the research methodology employed to realise the objectives of this study. The study commenced with an introduction to the Internet and, along with that, to the World Wide Web. In the course of the introduction, the researcher took a closer look at a number of risks associated with this environment. In sketching the Internet environment and its associated risks, the researcher also provided ample motivation for the study. After having established the clamant need to secure the Web-browsing environment, a conceptual model was expounded. This model would later form the basis for the Real-time Risk Analyser prototype to be presented. In order, however, to justify further research into and development of the said RtRA prototype, it was necessary first to evaluate existing browsing technologies. A formal approach was followed to draw a comparison between the existing browsers. The said comparison also served to uncover some of the shortcomings of these browsers in terms of the security features they support. Since the focal point of this study was to be the various ways in which to secure executable code on the Internet, it was decided to launch an investigation into Java, as it probably is the most familiar executable code used in the Web browsing environment. The Java Security Model was, therefore, thoroughly researched in a bid to determine possible ways in which to monitor executable Java code. After having investigated the browsing environment and after having determined possible ways of performing real-time risk analyses, a prototype was developed that could monitor executable Java code in a browsing environment. Following, the prototype was put through its paces in a hypothetical scenario. The study culminated in a summary of the results of and the conclusions about the research study. Further problem areas that could become the focal points of future research projects were also touched upon