Implicit Security. no virus no, no virus no...

File sand boxes - this idea seems pretty elementary to me, so I don't see why it has not occured yet (well, new OS are starting to do it). It is that a program cannot access anything that it is not supposed to access. How? Easy, just ensure that the file open box is the only thing that can enumerate and open files, and poof - a user must enable something to be opened before it can be opened. How far can we get away with such a simple system? Well, if you think of a OS as simply as a set of functions, then we have this type of security implicit in our design - after all, if a function cannot access information that is not piped into it, it is so much more secure.

Encryption - Encryption is part of the file system - it is merely another transformation point that lies between our view and our physical systme. Interestingly, whwat we generally have in computing is: physical (disk drives/ram/keyboard) -> abstract (binary) -> abstract processing (algorithms on binary space) -> physical (disk drives/ram/monitor)