From InfoWorld - IBM researchers take AXE to computer security

Researchers at IBM’s Almaden Labs have developed a way to keep those nasty worms and viruses from running on computers, without the use of antivirus software.

The project is the brainchild of researcher Amit Singh, who has been working for several years on techniques to simplify PCs. Two years ago, Singh could see that computers were being choked by the growing amount of security and management software they were using, and he and fellow researchers Anurag Sharma and Steve Welch set about developing software that would make PCs more easy to use.

The solution? A research project called the Assured Execution Environment, (AXE) which takes a very strict approach to controlling what is run on the computer.

Essentially, their solution is a kernel level runtime engine that manages what software is allowed to execute based on some unique configuration that is supposedly “virtually impossible” for spyware and virus writers to reproduce.

Interesting stuff - will be good to see if any of these developments can be brought into production and how well they will work in the real world. I suspect the administrative overhead might be pretty high - but then again, managing all the security software on everyones machines is very high overhead now anway.