Title :
Preventing the execution of unauthorized Win32 applications
Author :
Schmid, Matthew ; Hill, Frank ; Ghosh, A.K. ; Bloch, J.T.
Author_Institution :
Cigital Inc., Dulles, VA, USA
Abstract :
Describes an approach and tool for providing administrative control over the execution of software on a Windows NT/2000 system. The kernel-driver-based approach provides the system administrator with a way of restricting users to running only approved applications. As a result, illegal, pirated, personal and malicious software executables can be prevented from running on corporate machines. We describe the key issues involved in the development of this tool and the features that make this tool an important part of regaining enterprise-wide control over corporate machines
Keywords :
authorisation; operating system kernels; Microsoft Windows 2000; Microsoft Windows NT; administrative control; application execution restrictions; approved applications; corporate machines; enterprise-wide control; illegal software executables; kernel-driver-based approach; malicious software executables; personal software executables; pirated software executables; unauthorized Win32 application execution prevention; Application software; Control systems; Home appliances; Kernel; Machinery; Marine vehicles; Operating systems; Production facilities; Software design; Software tools;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932170
