Language-Level Security

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Problem: conventional security treats programs as black boxes.
This includes encryption, firewalls, system call control, process-level privilege and permissions-based access control.
The black-box approach misses many security issues; protection against these is instead provided by language runtimes and compilers.

Conventional OS security: the program is an isolated process that communicates with the kernel only through system calls, hence coarse-grained control. Principals are users (whose privileges transfer to the processes they start); objects are system resources.

Example: database logic is an application-level control, operating on database objects rather than entire files (language statement: if user authenticates => return user row).
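
The contrast above as a runnable sketch (an added example, not part of the original notes): the OS sees the database as one object, while the application statement "if user authenticates => return user row" decides per row. The table layout, user names, passwords and function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import sqlite3


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, slow password hash; parameters chosen for the example.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one store holding several users' rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB,"
               " pwhash BLOB, secret TEXT)")
    for name, pw, secret in [("alice", "a-pass", "alice-notes"),
                             ("bob", "b-pass", "bob-notes")]:
        salt = os.urandom(16)
        db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                   (name, salt, _hash(pw, salt), secret))
    return db


def os_level_view(db: sqlite3.Connection) -> list:
    """Coarse-grained view: a process allowed to open the store sees every
    row, because the OS object is the whole file, not a record in it."""
    return db.execute("SELECT name, secret FROM users ORDER BY name").fetchall()


def get_user_row(db: sqlite3.Connection, name: str, password: str):
    """Application-level control: if user authenticates => return user row."""
    # Parameterized query: the name is data, never part of the SQL text.
    row = db.execute("SELECT salt, pwhash, secret FROM users WHERE name = ?",
                     (name,)).fetchone()
    if row is None:
        return None                      # unknown principal
    salt, pwhash, secret = row
    # Constant-time comparison of the derived hash with the stored one.
    if not hmac.compare_digest(_hash(password, salt), pwhash):
        return None                      # authentication failed
    return (name, secret)                # only this principal's row


if __name__ == "__main__":
    db = make_db()
    print("file-level access:", os_level_view(db))
    print("alice, correct password:", get_user_row(db, "alice", "a-pass"))
    print("alice, wrong password:", get_user_row(db, "alice", "b-pass"))
```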