290    Chapter 5 • Communication Security: Web Based Services

             item. In doing so, you will see a dialog box similar to that shown in Figure 5.10,
             which lists the ActiveX controls loaded and used by IE, downloaded from the
             Internet, and ones that can run without permission.

             Figure 5.10 Manage Add-ons Dialog Box



































                 In comparing ActiveX to Java, you will find a number of differences. One
             major difference is where each can run. Java works on virtually any OS, because
             the applets run through a virtual machine, which, as we mentioned, is essentially an
             emulator that processes the code separately from the OS.This allows Java to run on
             many platforms, including Windows, Linux, and Macintosh.ActiveX components
             are distributed as compiled binaries, meaning they will only work on the OS for
             which they were programmed. In practical terms, this means that they are only
             guaranteed to run under Microsoft Windows.
                 As with Java and JavaScript,ActiveX runs on the client side, thus many of the
             issues encountered will impact the user’s machine and not the server. However,
             while ActiveX controls can look similar to Java applets from a user point of view,
             the security model is quite different.ActiveX relies on authentication certificates in its
             security implementation, which means that the security model relies on human




          www.syngress.com