In the absence of systematic techniques to detect the existence of computer viruses, preventing suspicious software from entering the system at the initial point of entry appears to be the best method to protect computing resources against attacks of computer viruses. Currently, software is distributed primarily by diskettes instead of online transmission. Diskettes are more susceptible to modification and masquerading while on-line transmission usually follows proper user/message authentication. A software authentication system is proposed which does not require a mutually trusted center of both software vendors and users, or users' interaction with any key center. Vendors assume responsibility by signing released software and users verify the authenticity of received software before using it. Through such an authentication process, users eliminate the risk of running “unlicensed” or modified programs, thus eliminating the possibility of virus infections.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	D.E. Bell and L.J. LaPadula, Secure Computer System:Unified Exposition and Multics Interpretation, MITRE Tech. Report MTR- 2997, Mitre Corp., Bedford, Mass., March, 1976.
	2	K. J. Biba, Integrity Consideration for Secure Computer System, MITRE Tech. Report, MTR- 3153, June, 1975.
	3	D.D. Clark and C. T. Wilson, A Comparison of Commercial and Military Computer Security Policies, Proc. 1987, IEEE Symp. Security and Privacy, Oakland, CA, April, 1987, pp. 184-194.
	4	F. Cohen, Computer viruses: theory and experiments, Computers and Security, v.6 n.1, p.22-35, Feb. 1987  [doi>10.1016/0167-4048(87)90122-2]
	5	YJ. Huang and F. Cohen, Some Weak Points on One Fast Cryptographic Checksum Algorithm and its Improvement, IFIP TC-11 Computers and Security, Vol. 8, No. 1, 1989.
	6	E. Okamoto and H. Masumoto, ID-based Authentication System for Computer Virus Detection, Electronics Letters, Vol. 26, No.15, July, 1990, pp. 1169-1170.
	7	Ingemar Ingemarsson , Gustavus J. Simmons, A protocol to set up shared secret schemes without the assistance of mutually trusted party, Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, p.266-282, February 1991, Aarhus, Denmark
	8	R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]

• Data structures for quadtree approximation and compression Communications of the ACM   28, 9
  Hanan Samet
  
  
• A hierarchical single-key-lock access control using the Chinese remainder theorem Proceedings of the 1992 ACM/SIGAPP Symposium on Applied computing
  Kim S. Lee ,  Huizhu Lu ,  D. D. Fisher
  
  
• The GemStone object database management system Communications of the ACM   34, 10
  Paul Butterworth ,  Allen Otis ,  Jacob Stein
  
  
• Putting innovation to work: adoption strategies for multimedia communication systems Communications of the ACM   34, 12
  Ellen Francik ,  Susan Ehrlich Rudman ,  Donna Cooper ,  Stephen Levine
  
  
• An intelligent component database for behavioral synthesis Proceedings of the 27th ACM/IEEE Design Automation Conference on
  Gwo-Dong Chen ,  Daniel D. Gajski