White paper: Adobe Flash Player 10 security
Requirements
User level
All
Security is a key concern of Adobe. For this reason, Adobe Flash Player 10 includes a set of security rules and controls to safeguard users, website administrators, and content developers. This white paper provides an overview of the Flash Player security model. Specifically, the information in this paper applies to the security model implemented in Flash Player 10,0,12.
Note: For information specific to the security model implemented in the Flash Player 9 April 2008 Security Update (version 9,0,124,0), refer to the Adobe Flash Player 9 security white paper.
About this document
This white paper focuses on the security-relevant features of the Flash Player client runtime, including those introduced in earlier versions of the product. While not attempting to distinguish between versions, some references are included where changes in the security model or potential operation of applications designed and implemented in earlier versions of Flash Player may significantly differ from the target Flash Player environment described in the document.
Unless otherwise noted, this document assumes that the target platform for your development is Flash Player 10,0,12 running content that uses ActionScript 3.0. There are no distinctions in the runtime security model between applications created using different development tools, such as Adobe AIR, Adobe Flex Builder, the Adobe Flex SDK, or Adobe Flash.
Read the white paper:
- Flash Player 10 security (PDF, 584K)
Topics covered:
- Flash Player security environment
- Flash Player security architecture
- Permission controls
- Deployment of the Flash Player runtime
- Deployment of Flash applications
Intended audience
This white paper is intended for the following audiences:
- Enterprise architects who are evaluating or need to better understand the security model of the Flash platform
- IT managers and system administrators who are interested in the security of Flash applications in their network environment
- Website administrators who deploy Flash applications from their sites
- Developers (including programmers and other authors) who design and publish Flash applications
This document assumes that you are familiar with Flash and ActionScript, as well as with their related terms, authoring tools, and environments.
Where to go from here
For more information about the Flash Player security, read the security topic area of the Flash Player Developer Center.
More Like This
- Overview of the Flash Player 10.3.183 Security Update
- Overview of the Flash Player 11.1.102 Security Update
- Cirrus service for developing end-to-end applications using RTMFP in Flash Player 10
- Reducing the risk of malicious web attacks with HP SWFScan
- Adobe Flash Player version checking protocol
- Understanding the security changes in Flash Player 10
- User-initiated action requirements in Flash Player 10
- Exploring full-screen mode in Flash Player
- Private browsing in Flash Player
- Overview of the Flash Player 10.2.152 Security Update
