EPP: Empirical Privilege Profiling for Black-box Software

Period of Performance: 07/28/2004 - 03/31/2005


Phase 1 SBIR

Recipient Firm

Architecture Technology Corp.
9971 Valley View Road Array
Eden Prairie, MN 55344
Principal Investigator


The Principle of Least Privilege says that programs should operate with sufficient privilege to get the job done, but no more, in order to minimize the harm that can be done in case of error. The Empirical Privilege Profiling system (EPP) will collect data about privileges actually exercised by running programs and use them to create a composite abstract privilege profile for the program, which can be used to guide system administrators in granting program privileges. To create EPP, ATC-NY will develop novel technologies for finding the privileges exercised by programs and for building composite abstract profiles.