Sensitive security points in PC microcomputers: understanding for building secure solutions to intrusions

The future of computer security is very dependent on the wild development of networking and microcomputing, and it is more and more difficult to protect microcomputers against enhanced piracy or "viruses". Also, a revision of such systems must be taken into consideration involving machines, operating systems, applications and data to avoid unauthorized access, abusive use of resources and losses of confidentiality, integrity and availability.Solutions need to be realistic to guarantee effective security. This involves mechanisms which are dependent on hardware and system software. MS-DOS components at work, boot, interrupts, DOS call functions are examined, and at the same time advanced "viruses" usages involving active and passive techniques, to suggest and evaluate possible solutions.A dual software examiner and security board solution is described. It does not necessitate modifying actual versions of the operating system, or applications in use, and new information about files can be stored in a secure way to avoid manipulation. Such a proposition can help to build security as a countermeasure to various intrusions, these from men, "viruses", worms and Trojan horses. It is better than any pure software solution which cannot guarantee overall security and especially in case of advanced "stealthy virus" attacks. It is possible to implement an intrusion detection model to predict future action from different intruders. This model has to support intuition exploration, and uncertainty or adaptative reasoning, working under control of a software security examiner which is itself under control of a hardware.