摘要 |
A secure application environment ("SAE") may be created by using derivation transformations ("DTs") to create a derived user account ("DUA") based on the original user account ("OUA"). An SAE may be created by selecting for each resource whose access is controlled by the OUA a DT that provides security for that resource without, whenever possible, reducing the functionality of the system as a whole, and creating a means for accessing a version of each resource based on the selected DT that may be accessed by an insecure actor.
|