In aspects, interactions between processes of a desktop are allowed or denied based on security data. The security data may comprise a first bitmap that indicates whether a requesting process is allowed to cause an action to occur, a second bitmap that indicates whether a process is protected from having an action occur, and a third bitmap that indicates whether the requesting process may override protection, if any, in causing the action to occur.