...Introduction and Abstract Copyright(c), 1984, Fred Cohen - All Rights Reserved This paper defines a major computer security problem called a virus. The virus is interesting because of its ability to attach itself to other programs and cause them to become viruses as well. There are two spellings for the plural of virus; 'virusses', and 'viruses'. We use the one found in Webster's 3rd International Unabridged Dictionary Given the wide spread use of sharing in current computer systems, the threat of a virus carrying a Trojan horse [Anderson72] [Linde75] is significant. Although a considerable amount of work has been done in implementing policies to protect from the illicit dissemination of information [Bell73] [Denning82], and many systems have been implemented to provide protection from this sort of attack [McCauley79] [Popek79] [Gold79] [Landwehr83], little work has been done in the area of keeping information entering an area from causing damage [Lampson73] [Biba77]. There are many types of information paths possible in systems, some legitimate and authorized, and others that may be covert [Lampson73], the most commonly ignored one being through the user. We will ignore covert information paths throughout this paper. The general facilities exist for providing provably correct protection schemes [Feiertag79], but they depend on a security policy that is effective against the types of attacks being carried out. Even some quite simple protection systems cannot be proven 'safe' [Harrison76]...
Words: 8970 - Pages: 36