Protecting Confidential Data
A new OS architecture introduces an Application Administrator role designed to prevent traditional system‑level users (e.g., root, sudo, admin) from accessing sensitive application data. Each application owner maintains full control over access rights, ensuring that only explicitly authorized individuals can view or manage protected information. No other users—including system administrators—are able to access or exfiltrate confidential data.
Protecting confidential data requires decoupling traditional system‑administrator privileges into distinct application‑administrator roles, preventing any single administrator from having unrestricted access to all data.
Separating duties into application‑administrator roles significantly reduces opportunities for system compromise.
By enforcing this model, the system neutralizes attackers, foreign adversaries who obtain system‑administrator rights, preventing them from accessing or exfiltrating confidential information. It also mitigates risks posed by malicious insiders by preventing disgruntled employees from carrying out unauthorized or illegal activities.
Additionally, by adding specific IP addresses to an ACL, the system can enforce location‑based access controls—for example, permitting access only from office networks while blocking attempts from home, other remote locations, or the public Internet.
US Patents: 11,677,754, and 12,445,453
Future Innovations:
Seeking business partners to develop solutions
For inquiries, please send a USPS registered mail to
ChienSEC LLC
12400 SE 38TH ST #40151
Bellevue, WA 98015