Date of this Version
We propose a new protection mechanism to address active content, which applies fine-grained access controls at the level of individual data objects. All data objects arriving from remote sources are tagged with a non-removable identifier. This identifier dictates its permissions and privileges rather than the file owner’s user ID. Since users possess many objects, the system provides far more precise access control policies to be enforced, and at a far finer granularity than previous designs.
Ioannidis, Sotiris; Bellovin, Steven M.; and Smith, Jonathan M., "Sub-Operating Systems: A New Approach to Application Security" (2002). Departmental Papers (CIS). Paper 172.
Date Posted: 11 September 2005