Policy-adaptive capability inheritance algorithm consistent with POSIX standard
Updated: 2024-10-14
Issue 2, Pages: 66-72(2006)
Author affiliations:
1. Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences
2. Engineering Research Center for Information Security Technology, Institute of Software, Chinese Academy of Sciences, Beijing, 100080
3. Graduate School of the Chinese Academy of Sciences
4. , Beijing, 100039
CLC:TP18
Published:2006
SHEN Qing-ni1, QING Si-han1, HE Ye-ping1, et al. Policy-adaptive capability inheritance algorithm consistent with POSIX standard[J]. 2006, (2): 66-72.
Abstract (Chinese original, translated)
Most secure operating systems that support the POSIX capability mechanism propose their own capability inheritance algorithms, but these algorithms apply only to specific least-privilege control policies and suffer from problems such as semantic conflicts and unclear security objectives, so they cannot effectively support multiple privilege policies with differing security requirements. Based on an in-depth analysis of several existing algorithms, a new capability inheritance algorithm is proposed; it introduces policy-associated capability control variables and a trusted-application attribute. Case analysis shows that the algorithm is policy-adaptive and usable, and formal analysis and verification show that it allows the system to satisfy the basic security theorem of its privilege policy.
Abstract
In order to support the POSIX capability mechanism, many secure operating systems have provided their own capability inheritance algorithms. These algorithms were applicable only to specific least-privilege control policies and had defects such as semantic conflicts and undefined security objectives, so they could not flexibly support the implementation of diverse privilege policies for different requirements. Based on an analysis of several existing algorithms, a new capability inheritance algorithm is proposed, which introduces a policy-relevant capability control variable and a trusted-application attribute. The implementation of the algorithm in the ANSHENG secure operating system demonstrates that it provides policy adaptability and usability, and the formal analysis and verification of the algorithm prove that it enables a secure operating system to meet the basic security theorems of the privilege policies enforced in it.
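The abstract does not spell out the inheritance rule the paper builds on, so the following added example (not code from the paper or from the ANSHENG system) shows the baseline POSIX.1e-style capability inheritance computation as Linux applied it at the time, i.e. the rule that the "individual capability inheritance algorithms" mentioned above refine. It models process and file capability sets as bitmasks and computes the sets a process holds after `execve`. The capability bit numbers follow Linux; the special handling of root and setuid binaries and the later ambient set are deliberately left out, which is an assumption of this simplified model. The `privilege_invariant_holds` check expresses the kind of property a formal security theorem about such an algorithm states: a process can never end up with a permitted capability it could not obtain either through its own inheritable set or through the bounding set.

```python
from dataclasses import dataclass

# Constructed subset of capability bits (Linux numbering) used for illustration.
CAP_CHOWN = 1 << 0
CAP_DAC_OVERRIDE = 1 << 1
CAP_NET_BIND_SERVICE = 1 << 10
CAP_NET_RAW = 1 << 13
CAP_SYS_ADMIN = 1 << 21
ALL_CAPS = CAP_CHOWN | CAP_DAC_OVERRIDE | CAP_NET_BIND_SERVICE | CAP_NET_RAW | CAP_SYS_ADMIN

CAP_NAMES = {
    CAP_CHOWN: "CAP_CHOWN",
    CAP_DAC_OVERRIDE: "CAP_DAC_OVERRIDE",
    CAP_NET_BIND_SERVICE: "CAP_NET_BIND_SERVICE",
    CAP_NET_RAW: "CAP_NET_RAW",
    CAP_SYS_ADMIN: "CAP_SYS_ADMIN",
}


@dataclass(frozen=True)
class ProcCaps:
    """Capability sets of a process: pP, pE, pI plus the bounding set."""
    permitted: int
    effective: int
    inheritable: int
    bounding: int


@dataclass(frozen=True)
class FileCaps:
    """Capability sets attached to an executable: fP, fI and the single fE flag."""
    permitted: int
    inheritable: int
    effective: bool


def execve_caps(proc: ProcCaps, file: FileCaps) -> ProcCaps:
    """POSIX.1e-style inheritance rule as Linux applied it (pre-ambient, non-root):
         pP' = (pI & fI) | (fP & bounding)
         pE' = pP' if fE else 0
         pI' = pI
    """
    new_permitted = (proc.inheritable & file.inheritable) | (file.permitted & proc.bounding)
    new_effective = new_permitted if file.effective else 0
    return ProcCaps(new_permitted, new_effective, proc.inheritable, proc.bounding)


def privilege_invariant_holds(before: ProcCaps, after: ProcCaps) -> bool:
    """Security property: nothing in pP' lies outside pI | bounding of the caller."""
    return after.permitted & ~(before.inheritable | before.bounding) == 0


def names(mask: int) -> list:
    """Human-readable list of the capability bits set in a mask."""
    return [name for bit, name in CAP_NAMES.items() if mask & bit]


def demo() -> ProcCaps:
    # Constructed scenario: an unprivileged process whose policy lets it pass on
    # CAP_NET_BIND_SERVICE, with CAP_SYS_ADMIN removed from its bounding set.
    proc = ProcCaps(
        permitted=0,
        effective=0,
        inheritable=CAP_NET_BIND_SERVICE,
        bounding=ALL_CAPS & ~CAP_SYS_ADMIN,
    )
    # Constructed file capabilities: the binary asks for more than it can get.
    binary = FileCaps(
        permitted=CAP_NET_RAW | CAP_SYS_ADMIN,
        inheritable=CAP_NET_BIND_SERVICE | CAP_DAC_OVERRIDE,
        effective=True,
    )
    after = execve_caps(proc, binary)
    # CAP_DAC_OVERRIDE is refused (not in the caller's pI) and CAP_SYS_ADMIN is
    # refused (outside the bounding set); the rest is granted.
    assert privilege_invariant_holds(proc, after)
    return after


if __name__ == "__main__":
    result = demo()
    print("permitted after execve:", names(result.permitted))
    print("effective after execve:", names(result.effective))
```

Running the block prints the two granted capabilities, CAP_NET_BIND_SERVICE and CAP_NET_RAW, and nothing else; changing the process's inheritable set or bounding set in `demo` shows directly how each term of the rule gates what an executable can obtain, which is the lever a policy-adaptive algorithm parameterises.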