Application-Defined Decentralized Access Control
C
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
patches
user
LICENSE
README.md

README.md

DCAC

DCAC is a practical OS-level access control system that supports application-defined principals. It allows normal users to perform administrative operations within their privilege, enabling isolation and privilege separation for applications. It does not require centralized policy specification or management, giving applications freedom to manage their principals while the policies are still enforced by the OS. DCAC uses hierarchically-named attributes as a generic framework for user-defined policies such as groups defined by normal users.

DCAC also supports NFSv3.

Publication

For more information, please see the USENIX ATC 2014 paper:

Application-Defined Decentralized Access Control

Authors

Yuanzhong Xu (yxu@cs.utexas.edu) Alan M. Dunn (adunn@cs.utexas.edu) Owen S. Hofmann (osh@cs.utexas.edu) Michael Z. Lee (mzlee@cs.utexas.edu) Syed Akbar Mehdi (samehdi@cs.utexas.edu) Emmett Witchel (witchel@cs.utexas.edu)