In the Active Cache environment, the proxy system is particularly vulnerable to two types of security attacks: an applet's illegal access to information belonging to other Web servers, and denial-of-service attacks. To guard against the first type of attacks, we rely on a type-safe language with built-in security mechanisms, a well-defined security interface, and static examination of the code. To guard against the second type of attacks, we rely on user-request triggered execution of cache applets, run-time accounting of resource consumptions, and limiting the resource consumptions.