Hardware-Assisted Application-Level Access Control

Applications typically rely on the operating system to en-force access control policies such as MAC, DAC, or other policies. How-ever, in the face of a compromised operating system, such protection mechanisms may be ineffective. Since security-sensitive applications are most motivated to maintain access control to their secret or sensitive in-formation, and have no control over the operating system, it is desirable to provide mechanisms to enable applications to protect information with application-specific policies, in spite of a compromised operating system.