Improving real-world access control systems by identifying the true origins of a request (2009)

Citations: 23 | Views: 10
Abstract
Access control is the traditional center of gravity of computer security. In order to make correct access control decisions, a critical step is to identify the origins of an access request. The origins of a request are the principals who cause the request to be issued and the principals who affect the content of the request. Therefore, the origins are responsible for the request. The access control decision should be based on the permissions of the origins. In this dissertation, we examined two real-world access control systems, operating system access control and browser access control. They are vulnerable to certain attacks because of their limitations in identifying the origins of a request. In particular, the discretionary access control (DAC) in the operating system is vulnerable to Trojan horses and vulnerability exploits, while the same origin policy (SoP) in the browser is vulnerable to the malicious proxy adversary against HTTPS and the cross-site request forgery attack. We proposed enhancements of both systems by identifying the true origins of a request. We discussed the design details, the prototype implementations, and the experimental evaluations of the enhancements.
Keywords
access request, real-world access control system, browser access control, access control, operating system, discretionary access control, true origin, correct access control decision, system access control, cross-site request forgery attack, access control decision, Improving real-world access control