Application-Defined Decentralized Access Control

@article{Xu2014ApplicationDefinedDA,
  title={Application-Defined Decentralized Access Control},
  author={Yuanzhong Xu and Alan M. Dunn and Owen S. Hofmann and Michael Z. Lee and Syed Akbar Mehdi and Emmett Witchel},
  journal={Proceedings of the USENIX ... annual Technical Conference. USENIX Technical Conference},
  year={2014},
  volume={2014},
  pages={395-408}
}
DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined… CONTINUE READING