[ insider_reports_insider ]
IBM Sharpens The AXE
John Stith
Staff Writer
2005-10-28
 Insider Reports RSS Feed
The folks at IBM's Almaden Labs have an AXE in the pipeline. The new program will keep viruses and worms from running sans antivirus software.
 | | IBM Has an AXE in the Pipeline |  |
Editor's Note: New problems creep up every day with worms and viruses. IBM is working on a possible alternative to traditional antivirus software. Will the whitelist approach work? You tell us about it at the Security Forum in WebProWorld.
The program, called Assured Execution Environment (AXE), creates a security system controlled by administrators on the computer. Your IT folks will plug in a predetermined list of code. Anything not on that list will not run when the computer boots up.
When it boots, AXE loads "AXE Runtime" into the kernel then scans for software not on the list to make sure nothing untoward comes through. This process doesn't kill viruses and worms; it merely keeps them from running.
Amit Singh put this project together and has been working on it for the last two years. "We are making every machine a unique OS," Singh told InfoWorld, who added that, at present, AXE works with both the Windows and Mac OS operating system kernels.
AXE does have a distinct downside. It is manageability. Essentially what it does is create ‘whitelists' and anything outside of the list isn't allowed in. While this may be great for keeping things out, it also means that IT administrators could be worked like "borrowed mules."
The reason for this is every time a new update comes out or someone needs a new piece of software for something, the administrator will have to work it in. This could create a lot of problems with time management.
This tool could be a useful feature but based on the initial once-over, it doesn't look like it could be a standalone security product. It will keep things from starting on the system, but it won't cure the bug or whatever it is afflicting the computer. If a virus or worm showed up, it would prevent it from running but not necessarily clean it out. This means the traditional protection measure would also need to be in place.
The project isn't out yet and others are also experimenting with whitelist approaches because of the volume of virus and worm problems out there. What will happen with AXE in the future is unknown. What is known as the something has to improve the current state of cyber security because, in many cases, it's far too easy to spread worms and viruses and hack into systems and what we do have is often complicated.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
