CyberForceField could be the key to desktop security

Traditional desktop security would improve beyond recognition if applications could be controlled to a point where they cannot access any part of the system that they do not need to, according to Alcy Infinity, co-founder of Timesavers International.

Traditional desktop security would improve beyond recognition if applications could be controlled to a point where they cannot access any part of the system that they do not need to, according to Alcy Infinity, co-founder of Timesavers International.

The failure of current desktop security practices were highlighted last week when Ivan Krstić, director of security architecture for the One Laptop per Child project, opened the AusCERT 2007 conference by pointing out that modern computer security is based on a premise that was created 35 years ago -- when computers were unconnected.

Krstić said modern computers "run untrusted code every time they visit a Web site".

One possible solution is to virtualise applications so they can only run in a specific area of the computer's memory and only access specific resources, according to Timesavers International's Infinity.

He told ZDNet Australia in a telephone interview on Tuesday, that he has developed a security application called CyberForceField, which has been designed specifically to solve this problem.

"The programs have too much uncontrolled power -- we need to empower the users so they know what programs are running, what they can do and how they can communicate with the Internet.

"We need to monitor every action of the program so it can only do what it is supposed to do from the day they are installed," said Infinity.

The CyberForceField is able to "compartmentalise the hard drive" and ensure programs cannot access resources they do not need, according to Infinity.

"The most secure state of a computer is one where you compartmentalise the hard drive and assign the right files to the right programs. Then you can restrict the behaviour of programs to a specific amount of files instead of the whole hard drive.

"You can then control that your e-mail program is the only program that can access your e-mail folder. Without this, any game or program you install may be able to collect e-mail addresses or check [spy on you]," he said.

Infinity said a trial version of CyberForceField will be available on the company's Web site from 14 June.