This talk is about work by myself and Hongbin Zhou, who's a PhD student in Cork (except he's here today). One of the problems that we're interested in is just simple authorisation, whether or not somebody is allowed to perform some action, get access to some resource. In the good old days we had the traditional view of system administrators who had control over everything, and they had, or at least liked to think that they had, a very clear picture of what the resources were for, and who should have access to the resources, and so on. As a consequence they tend to exercise very tight control, they don't like giving away authorisation to resources, and it's usually a battle for somebody to get additional access to any resource. Administrators in these closed systems exercise their principle of "no privilege", nobody's allowed to do anything. As a consequence, the opportunity to subvert an administrator is very small, so you really have to work hard to get anywhere within one of these closed systems.