• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL

Chapter 10. Security > Java Security Framework

10.3. Java Security Framework

10.3.1. Receiver Security SandBox

The advantages of executable content, such as ECMA Script or Java classes, come from the increase in power and flexibility provided by software programs. The essence of the problem is that running programs on an iTV receiver typically gives that program access to certain resources on that receiver. If an iTV receiver that downloads and executes code is not careful to restrict access, untrusted applications may contain malicious programs with the same ability to do mischief as a hacker who had gained access to the receiver. Unfortunately, the solution is not as simple as completely restricting a downloaded program's access to resources: To be useful, a program needs to access certain resources. Thus, if one desires useful and secure executable content, access to resources needs to be carefully controlled. In the context of iTV, the following operations are typically considered sensitive:

  • Disclosure of information about a viewer or the receiver

  • Automatic tuning or selection of program components or applications to launch

  • Grabbing display area (this may override the main video or other applications)

  • Controlling audio rendering (this may disrupt or degrade the viewer's experience)

  • Grabbing focus of remote control events (this may prevent channel changing)

  • Downloading large amounts of data (e.g., video clips) that overwhelm the receiver

  • Accessing a return channel (and possibly the open Internet)

  • Upgrading receivers (this may damage receiver's software)



Not a subscriber?

Start A Free Trial

  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint