Current computer security models rely on the presence of a single super user account that is capable of modifying all system resources. The super user account is then used to create system users with reduced permissions to perform specific tasks. These account reductions are assigned to common system users while the administrator retains the super user account. A different way of looking at permissions is to instead allow the users to create trusted processes for modifying protected resources. The processes would be approved and finally elevated to trusted status through a group decision model. By utilizing the foundational theory of the Access Control Matrix and the Clark Wilson Model it is possible to completely remove the super user account from the system and replace it with a reference monitor controlled group process. By doing this it is possible to eliminate security vulnerabilities associated with the super user while avoiding the introduction of new vulnerabilities.
PDF Full Text Request