Microsoft Corp has enhanced the security in Internet Explorer 4.0, which up until now was fairly simplistic, requiring the user to know where an applet came from before it was downloaded, and whether or not the source could be trusted. It has introduced so- called Security Zones; the ability through Explorer to divide the web into areas that can be defined by systems administrators. For instance, IE 4.0 comes with four pre-defined zones, intranet, trusted extranet, general internet and untrusted, but administrators can set higher security levels for pages from the internet, or conversely higher levels of trust for pages from the intranet or know extranet sites. Settings for each zone can also be customised for Java applets, plug-ins, and the certificate management feature can be integrated within the zones to decide what third-party controls and signed code can be allowed on their intranets. Java applets from known sources can be allowed access outside the Java virtual machine’s secure sandbox, while others would be restricted to the sandbox. Microsoft has also released its Authenticode digital signing technology version 2.0, which confirms whether or not a piece of code was signed during the period of the publisher’s license. But that presupposes there are thousands of software vendors out there registering their software with some trusted body, which of course they are not.
Content from our partners
