SAGE FIRST Inc.'s Process-Based SecurityTM (PBS) model is a hardened, Linux-based security paradigm. The PBS operating system is not concerned with who initiated the requesting program, only what the program wants. The program is permitted to utilize only authorized resources. It is a default-deny model to operating systems providing resources only to the pre-authorized applications. In other words, it is a default-deny allowing only what the owner of the system wants to security model.

For a more formal definition one could say PBS is a security model replacing user-based access (DAC) with process-based access (mandatory access controls, or MAC), invoking rules of least privilege and separation of duties.

When the system administrator in a DAC-based system loads a new program onto the system, the needs of the program are determined and the administrator sets the authorized (user-based) access profile. In effect, the system administrator is mapping the locally established access rights policy to the system. The program is now associated with a user and that user has specific rights that ultimately determine the program’s level of access. If the user has been spoofed, or if a program’s access privileges have been hijacked, the rogue program can now roam the system at will.

In a PBS system all system level policies are fixed and cannot be changed in the field. As a program operates and requests access to system resources, the program's authorized process profile checks to determine resource accessibility. This is accomplished by using a fine-grained access control table (ACL file, or access rights table) protected within the system. It maintains an authorized process profile for all known processes requiring access to system resources. This table has no entries for unauthorized or unknown processes.

The problem posed by viruses is an example of PBS capabilities, which are twofold. First, a virus unknown to the system would not have an authorized process profile. The virus is not allowed access to any files or I/O ports, keeping the virus from running or infecting the computer or other computers. Secondly, if a friendly program being loaded by the administrator had been somehow previously infected, the extent of damage is minimized based on assigned process profiles.