Network security is an increasingly important issue for network users, both inside enterprises operating intranets, and for larger or more global data, computer and communications networks, such as the internet and the world wide web. Substantial technology has been developed for providing network security functionality, including access control, protected communications, security assistance and security policy management.
Access control concerns a decision whether a particular user or end system, or user-initiated communication, should be given access to a particular computing or communications resource. For example, certain users or categories of users may be given access to electronic mail (email) functionality, but not to accounting functionality, all of which may be available on the same network, such as a corporate intranet.
Similarly, other security functionality (referred to as protected communications) concerns methods for ensuring that information or other data is not available to unauthorized individuals, e.g., may not be accessed, modified, read or copied by unauthorized users. Other security functionality includes providing support in various network devices for securing other parts of the network system, and managing the actual network data which defines the security policies of the network.
As security measures have evolved, however, security breach tactics have become increasingly clever. Password protection and personal identification numbers ("PIN" numbers) are known security measures which have been utilized to provide physical security of devices such as computers, and to provide access control to computer systems and contents, such as access control over accounts, records, programs, and other sensitive information. Various attempts to circumvent such security measures include a "Trojan Horse" attack, in which (unknown to the user) a rogue program or other application is substituted for a proper program or application. When the user attempts to use the proper program or application, the rogue program or application is executed instead, with concomitant and frequently harmful consequences. Various known "Trojan Horse" attacks utilized by computer "hackers" have included installation of programs that, upon execution, transmit the user's password or account PIN number to the hacker. Such an attack thereby enables a corresponding breach of security of any systems previously protected by the user's password or PIN number, such as a user's bank account.
The Java.RTM. language, compiler, interpreter, and overall Java architecture (individually and collectively referred to as "Java" or "Java architecture") has been developed by Sun Microsystems, Inc. ("Sun") for computer and communications networking and other applications. Java is designed to thwart such "Trojan Horse" or other attacks that may originate from a network (i.e., from the network server side of a client-server network). For world wide web ("web") and other internet applications, many current web browsers are Java-enabled (i.e., the web browser includes program instructions for a Java Virtual Machine ("JVM")), which provides for local execution of Java bytecode. When a network user accesses and requests information from a web page using a Java-enabled browser, an executable application or program package referred to as an "applet" or "applet package" may be downloaded in bytecode form to the user end system (the client side of the client-server network). The applet (in bytecode form) is then executed by the JVM of the web browser which, coupled with any data downloaded from the network, provides a locally running application on the user end system. Such locally running applications may include an interactive web page, an interactive game application, or an interactive spreadsheet.
Given that such ultimately foreign program code is downloaded for local execution, there are inherent security issues that could arise and, therefore, which have been addressed and circumvented in advance within the Java architecture. The Java architecture includes security features that prevent such downloaded programs from interfering with the user's private or non-network resources. Referred to as the "Java sandbox", the Java architecture prevents an untrusted or potentially malicious applet (downloaded to the local end system from a remote web server) from reading, writing, or executing private resources, such as the local hard drive. Among other security features, the Java language is a typesafe language, which does not allow pointers to read or write to arbitrary memory locations. In addition, prior to execution of an incoming applet, the applet is run through a Java bytecode verifier, which examines the bytecode for potentially illegal commands, such that only legal applets get executed by the JVM at the local end system. See, e.g., Java Security Whitepaper, available at the Sun web sites java.sun.com and javasoft.com; A. Tanenbaum, Computer Networks (Prentice-Hall, 3d ed. 1996), at 718-20; D. Flanagan, Java in a Nutshell, (O'Reilly, 2d ed. 1997), at 7, 139-43.
While the Java architecture prevents security breaches originating from a network (or network server), a need remains to be able to thwart potential security breaches that may originate from a local user (i.e., from a local end system or the client side of a client-server network). For example, in the event physical security of a local end system is breached or otherwise compromised, a rogue program or virus may be stored locally at the end system, such as a rogue program for emulating or "spoofing" an applet. A need remains, therefore, to be able to prevent any such locally loaded programs or applets from unknowingly being executed by an innocent user and potentially compromising the network security of the user of such an applet or other program. Such additional security measures also should be capable of being implemented without additional network hardware, should be cost-effective, and should be user transparent.