A computer-based method for generating a Downloadable ID to identify a Downloadable, comprising:</claim-text> obtaining a Downloadable that includes one or more references to software components required to be executed by the Downloadable; fetching ast one software component identified by the one or more references; and performing a hashing function on the Downloadable and the fetched software components to generate a Downloadable ID. view more

The method of claim 1, wherein the Downloadable includes an applet.

The method of claim 1, wherein the Downloadable includes an active software control.

The method of claim 1, wherein the Downloadable includes a plugin.

The method of claim 1, wherein the Downloadable includes HTML code.

The method of claim 1, wherein the Downloadable includes an application program.

A system for generating a Downloadable ID to identify a Downloadable, comprising:</claim-text> a communications engine for obtaining a Downloadable that includes one or more references to software components required to be executed by the oadable; and an ID generator coupled to the communications engine that fetches at least one software component identified by the one or more references, and for performing a hashing function on the Downloadable and the fetched software components to generate a Downloadable ID. view more

The system of claim 9, wherein the Downloadable includes an applet.

The system of claim 9, wherein the Downloadable includes an active software control.

The system of claim 9, wherein the Downloadable includes a plugin.

The system of claim 9, wherein the Downloadable includes HTML code.

The system of claim 9, wherein the Downloadable includes an application program.

A computer-readable storage medium storing program code for causing a computer to perform the steps of:</claim-text> obtaining a Downloadable that includes one or more references to software components required to be executed by the Downloadable; ing at least one software component identified by the one or more references; and performing a hashing function on the Downloadable and the fetched software components to generate a Downloadable ID. view more

A computer-based method, comprising the steps of: receiving an incoming Downloadable addressed to a client, by a server that serves as a gateway to the client; comparing, by the server, Downloadable security profile data pertaining to the Downloadable, the Downloadable security profile data includes a list a suspicious computer operations that may be attempted by the Downloadable, against a security policy to determine if the security policy has been violated; and preventing execution of the Downloadable by the client if the security policy has been violated. view more

The method of claim 1, further comprising the step of decomposing the Downloadable into the Downloadable security profile data.

The method of claim 2, wherein the security policy includes an access control list and further comprising the step of comparing the Downloadable security profile data against the access control list.

The method of claim 1, further comprising the steps of scanning for a certificate and comparing the certificate against a trusted certificate.

The method of claim 1, further comprising the step of comparing the URL from which the Downloadable originated against a known URL.

The method of claim 5, wherein the known URL is a trusted URL.

The method of claim 5, wherein the known URL is an untrusted URL.

The method of claim 1, wherein the Downloadable includes a Java.TM. applet.

The method of claim 1, wherein the Downloadable includes an ActiveX.TM. control.

The method of claim 1, wherein the Downloadable includes a JavaScript.TM. script.

The method of claim 1, wherein the Downloadable includes a Visual Basic script.

The method of claim 1, wherein the security policy includes a default security policy to be applied regardless of the client to whom the Downloadable is addressed.

The method of claim 1, wherein the security policy includes a specific security policy corresponding to the client to whom the Downloadable is addressed.

The method of claim 1, wherein the client belongs to a particular group; and the security policy includes a specific security policy corresponding to the particular group.

The method of claim 1, further comprising the step of comparing the Downloadable against a known Downloadable.

The method of claim 24, wherein the known Downloadable is hostile.

The method of claim 24, wherein the known Downloadable is non-hostile.

The method of claim 24, further comprising the step of including a previously received Downloadable as a known Downloadable.

The method of claim 27, wherein the security policy identifies a Downloadable to be blocked per administrative override.

The method of claim 28, wherein the security policy identifies a Downloadable to be allowed per administrative override.

The method of claim 1, further comprising the step of informing a user upon detection of a security policy violation.

A system for execution by a server that serves as a gateway to a client, the system comprising: a security policy; an interface for receiving an incoming Downloadable addressed to a client; a comparator, coupled to the interface, for comparing Downloadable security profile data pertaining to the Downloadable, the Downloadable security profile data includes a list a suspicious computer operations that may be attempted by the Downloadable, against the security policy to determine if the security policy has been violated; and a logical engine for preventing execution of the Downloadable by the client if the security policy has been violated. view more

The system of claim 32, wherein the Downloadable includes a Java.TM. applet.

The system of claim 32, wherein the Downloadable includes ActiveX.TM. control.

The system of claim 32, wherein the Downloadable includes a JavaScript.TM. script.

The system of claim 32, wherein the Downloadable includes a Visual Basic script.

A computer-readable storage medium storing program code for causing a server that serves as a gateway to a client to perform the steps of: receiving an incoming Downloadable addressed to a client; comparing Downloadable security profile data pertaining to the Downloadable against a security policy to determine if the security policy has been violated; and preventing execution of the Downloadable by the client if the security policy has been violated. view more

A processor-based method, comprising: receiving downloadable-information; determining whether the downloadable-information includes executable code; and causing mobile protection code to be communicated to at least one information-destination of the downloadable-information, if the downloadable-information is determined to include executable code, wherein the causing mobile protection code to be communicated comprises forming a sandboxed package including the mobile protection code and the downloadable-information, and causing the sandboxed package to be communicated to the at least one information-destination. view more

The method of claim 5, wherein the sandboxed package further includes protection policies according to which the mobile protection code is operable.

The method of claim 6, wherein the protection policies correspond with at least one of the information-destination and a user of the information destination.

A processor-based system, comprising: an information monitor for receiving downloadable-information; a content inspection engine communicatively coupled to the information monitor for determining whether the downloadable-information includes executable code; and a packaging engine communicatively coupled to the content inspection engine for causing mobile protection code (“MPC”) to be communicated to at least one information-destination of the downloadable-information, if the downloadable-information is determined to include executable code, wherein the packaging engine comprises an MPC generator for providing the MPC, a linking engine coupled to the MPC generator for forming a sandbox package including the MPC and the downloadable-information, and a transfer engine for causing the sandbox package to be communicated to the at least one information-destination. view more

The system of claim 12, wherein the packaging engine further comprises a policy generator communicatively coupled to the linking engine for providing protection policies according to which the MPC is operable.