Computers often are used to store sensitive data or perform critically important tasks. Thus, it is desirable to prevent unauthorized access to computer system, especially if that unauthorized access involves attempts to change data or alter the configuration of the computer system.
Computer viruses are an example of one type of unauthorized access to a computer system. Viruses are executable programs that may be sent to unsuspecting users through some form of data exchange. Such data exchange can include sharing files or receiving electronic mail (e-mail). Virus executable programs are often attached to the shared files or are sent as e-mail attachments. Once a user receives the virus program in his or her computer system, it waits in the system for unintentional invocation by the user. Such invocation executes the virus program, thereby allowing unauthorized access to the computer system. Some computer viruses destroy a hard disk drive (HDD) boot sector and file allocation table (FAT) by writing invalid data to these areas, rendering all of the data on the HDD permanently inaccessible. These types of viruses are among the most dangerous viruses, as the HDD data cannot be recovered. Other examples include cookies and java/javascript applets received during internet access, macros embedded in documents, and remote login access.
Many attempts have been made to secure computer systems. Obviously, a computer system can be locked in a physically secure location with no communication with the outside world. However, such precautions also substantially reduce the usefulness of the computer system.
Software has been developed to monitor a computer system and prevent unauthorized access. However, since the unauthorized access may involve attempts to change data or alter the configuration of the computer system, it is possible that software for monitoring the computer system and preventing unauthorized access could itself be altered to circumvent it. Thus, a technique is needed to protect computer assets from unauthorized access that is immune from alteration, but that does not reduce the usefulness of the computer system.