positive security models can be ideal (i just posted about this on the php security tutorial) but are not always applicable nor will they protect from all attack types.

also remember two things the bodys approach is not perfect (ebola) and intrusion prevention is only the first generation of computer security.