I am developing a kernel driver and a user mode application. The driver needs to read a registry key. The registry key is created by my user mode application.
How can I restrict the registry key access only to my kernel driver, i.e. not other kernel driver?
I studied ACL/ACE, but it seems based on SID (user/group) and does not address my scenario.
Kernel drivers are, by definition, part of the OS... which means they're part of the Trusted Computing Base. So, there's no OS-based security that you could apply that'd prevent part of the OS from accessing a resource.
If it's really important, the only thing you can do is restore to encrypting this data somehow. But given you'd have the key somewhere in kernel memory, which could potentially be accessed by another kernel-mode driver, that just becomes "security through obscurity".