Access control shells may be difficult to administer, but are relatively easy for the end-user. This type of tool is primarily designed for policy enforcement, but can also detect the replication of a virus or activation of a Trojan horse.
The tool may incur high overhead processing costs or be expensive due to hardware components. Both false positives and false negatives may occur. False positives will occur when the access tables do not accurately reflect system processing requirements. False negatives will occur when virus replication does not conflict with the user's access table entries.