| CPC H04L 63/105 (2013.01) [H04L 63/104 (2013.01)] | 20 Claims |
|
1. A method for computer security, the method comprising:
receiving an indication that a user is attempting to access a resource on a computing system, wherein the computing system includes an operating system that represents multiple users and groups including a safe mode superuser, an administrative group with a corresponding administrative superuser, and an application group with a corresponding application superuser;
determining a source identifier associated with the user, wherein the user is in exactly one of the multiple user groups;
controlling access to the resource based on the resource, the group of the user, and the source identifier;
storing a list that identifies executable programs or libraries;
allowing modification of the list only by the safe mode superuser when that superuser is logged in during maintenance mode; and
when the resource is an executable application, allowing execution of the application only if it is identified by the list.
|