1 research outputs found

    Notes on Application-Orientated Access Control

    No full text
    The protection qualities of discretionary access control systems realised by today's prevalent operating systems are based on an assessment of the trustworthiness of users. By starting a program a user transfers his trustworthiness to it, ie, there is the tacit assumption that the program's trustworthiness at least matches that of the user. However, malicious programs are a growing source of threat. They perform operations without the user's consent and often in contravention of his interests. To eliminate this danger we examine program-orientated protection strategies. We then present, firstly, a small enhancement to the operating system and, secondly, an addition to the operating system, which support both a user and an application with high security demands in the enforcement of authenticity and integrity even in the presence of malicious programs
    corecore