Anti-tamper mechanism revises access control list and user process access token to deny access to key resources associated with security application

摘要

Computer resources include key resources 115 protected by access control list (ACL) 116 associated with security application 110. Security module 210 uses the ACL to control access to the key resources and may, on request from user process 120, grant the process privileged access rights to those resources by virtue of its access token 122a. However, anti-tamper mechanism 240 creates protection group 117 as a local security group and adds deny access control entry (ACE) 116a to the ACL to restrict access to the key resources by members of the group. The anti-tamper mechanism intercepts the user process access request, revises the processe access token to include the protection group and applies revised token 122b to the process. The security module matches the group in the revised token against the deny ACE in the ACL and restricts access to the key resources, despite access token 122a denoting such access rights.