Notes on application-orientated access control

Author

Spalka, Adrian ; Langweg, Hanno

Author_Institution

Dept. of Comput. Sci. III, Bonn Univ., Germany

fYear

2002

fDate

2-6 Sept. 2002

Firstpage

451

Lastpage

455

Abstract

The protection qualities of discretionary access control systems realised by today´s prevalent operating systems are based on an assessment of the trustworthiness of users. By starting a program a user transfers his trustworthiness to it, i.e., there is the tacit assumption that the program´s trustworthiness at least matches that of the user. However, malicious programs are a growing source of threat. They perform operations without the user´s consent and often in contravention of his interests. To eliminate this danger we examine program-orientated protection strategies. We then present, firstly, a small enhancement to the operating system and, secondly, an addition to the operating system, which support both a user and an application with high security demands in the enforcement of authenticity and integrity even in the presence of malicious programs.

Keywords

authorisation; data integrity; operating systems (computers); application-orientated access control; authenticity; discretionary access control systems; integrity; malicious programs; operating systems; program-orientated protection strategies; trustworthiness; Access control; Application software; Communication system control; Computer science; Computer security; Computer viruses; Computer worms; Invasive software; Operating systems; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 2002. Proceedings. 13th International Workshop on

ISSN

1529-4188

Print_ISBN

0-7695-1668-8

Type

conf

DOI

10.1109/DEXA.2002.1045939

Filename

1045939