Research on User Permission Isolation for Multi-Users Service-Oriented Program

Bibliographic details
Published in: International journal of communications, network and system sciences, 2012-02, Vol.5 (2), p.105-110
Main authors: Yu, Li, Wei, Jiang, Li, Lin, Jing, Zhan, Peng, Liang, Lai, Yingxu, Bu, Shupo
Format: Article
Language: eng
Online access: Full text
Description
Summary: For the super user privilege control problem in system services, a user permission isolation method is proposed. Based on virtualization technology, permission-limited environments are constructed for different users. According to the users' privilege sets, mapping relations are built among users, isolated domains and program modules. Besides, we give an algorithm for division of program permissions based on Concept Lattices. And the security strategies are designed for different isolated domains. Finally, we propose the implications of least privilege, and prove that the method eliminates the potential privileged users in system services.
ISSN: 1913-3715, 1913-3723
DOI: 10.4236/ijcns.2012.52014