Academic Journals Database
Disseminating quality controlled scientific knowledge

Research on User Permission Isolation for Multi-Users Service-Oriented Program

Author(s): Liang Peng | Yingxu Lai | Shupo Bu | Zhan Jing | Li Yu | Jiang Wei | Lin Li

Journal: Advances in Molecular Imaging
ISSN 2161-6728

Volume: 05;
Issue: 02;
Start page: 105;
Date: 2012;
Original page

Keywords: Least Privilege | Virtualization | Isolation | Privileged User | Domain | System Service

For the super user privilege control problem in system services, a user permission isolation method is proposed. Based on virtualization technology, the permission limited environments are constructed for different users. According to privilege sets, the users, mapping relations are built among users, isolated domains and program modules. Besides, we give an algorithm for division of program permissions based on Concept Lattices. And the security strategies are designed for different isolated domains. Finally, we propose the implications of least privilege, and prove that the method eliminates the potential privileged users in system services.

Tango Rapperswil
Tango Rapperswil


HR software für Hotellerie

Automatische Erstellung
von Personaldokumente
und Anmeldungen bei Behörden