Abstract

Processes in operating systems are assigned different privileges to access different resources. A process may invoke other processes whose privileges are different; thus, its privileges are expanded (or escalated) due to such improper “inheritance.” Inter-networking can also occur between processes, either transitively or iteratively. This complicates the monitoring of inappropriate privilege assignment/escalation, which can result in information leakage. Such information leakage occurs due to privilege transitivity and inheritance and can be defined as a general access control problem for inter-networking linkages. This is also a topic that is generally less studied in existing access control models. Specifically, in this paper, we propose a lightweight directed graph-based model, LiCo, which is designed to facilitate the authorization of privileges among inter-networking processes. To the best of our knowledge, this is the first general access control model for inter-invoking processes and general inter-networking linkages.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call