A method to enhance application system access control

Information security classified protection work is now being carried out in China. Most of the third class application systems do not have high-strength access control mechanism, because the mechanism is on the application layer and lacks safe support from OS. This paper firstly discusses the specific forms of access control semantic on application layer and OS layer. Next it introduces the idea for parsing the context related to access control and then proposes a security model called Access Control Semantic Encapsulation Model (ACSEM). This model could establish mapping relationships for semantic on different layers and transfer the encapsulated semantic to OS kernel, where the access control mechanism is implemented. Finally a Web Application Security Enhanced System (WASES) is realized based on ACSEM, which shows that the model can provide safe and reliable support for the application systems.