this has been done by a company called Advanced Computer Research in the 1990s - it has been proven to be working very well, so well that it was taken off the market (with force / criminal means). Officially the company was sold to an US conglomerate and immediately all products were taken off the market.
It was - in difference to the snake oil antivirus software sold commercially otherwise since then - also able to protect against unknown threats by creating a security focused virtual machine inside the PC and a sandbox around applications. This was the first VM available for PCs (1995)
What you're describing is whitelisting vs. blacklisting. Whitelisting will always be the better solution, but it presents far more usability and "approval process" problems than blacklisting does.
It was - in difference to the snake oil antivirus software sold commercially otherwise since then - also able to protect against unknown threats by creating a security focused virtual machine inside the PC and a sandbox around applications. This was the first VM available for PCs (1995)
The only links still visible that I could quickly find are: http://www.securityfocus.com/tools/803 http://web.archive.org/web/19990117023714/http://www.acrmain...