Title :
Notes on application-orientated access control
Author :
Spalka, Adrian ; Langweg, Hanno
Author_Institution :
Dept. of Comput. Sci. III, Bonn Univ., Germany
Abstract :
The protection qualities of discretionary access control systems realised by today´s prevalent operating systems are based on an assessment of the trustworthiness of users. By starting a program a user transfers his trustworthiness to it, i.e., there is the tacit assumption that the program´s trustworthiness at least matches that of the user. However, malicious programs are a growing source of threat. They perform operations without the user´s consent and often in contravention of his interests. To eliminate this danger we examine program-orientated protection strategies. We then present, firstly, a small enhancement to the operating system and, secondly, an addition to the operating system, which support both a user and an application with high security demands in the enforcement of authenticity and integrity even in the presence of malicious programs.
Keywords :
authorisation; data integrity; operating systems (computers); application-orientated access control; authenticity; discretionary access control systems; integrity; malicious programs; operating systems; program-orientated protection strategies; trustworthiness; Access control; Application software; Communication system control; Computer science; Computer security; Computer viruses; Computer worms; Invasive software; Operating systems; Protection;
Conference_Titel :
Database and Expert Systems Applications, 2002. Proceedings. 13th International Workshop on
Print_ISBN :
0-7695-1668-8
DOI :
10.1109/DEXA.2002.1045939
