
The Design and Implementation of Windows System Access Control Based on Process Monitoring

ZHANG Tao, NIU Wei-ying, MENG Zheng, MEI Rui

  • About author: School of Software and Microelectronics, Peking University, Beijing 100871

Abstract: To solve the problem that traditional system access control technology cannot restrict system privileges at the process level, a new low-cost solution for Windows discretionary access control is proposed. Using a Windows kernel-mode driver, a process monitoring system that adopts system access token control is designed, and its components and key technologies are presented after an in-depth analysis of the Windows Access Control List (ACL) mechanism. The system not only solves the system compatibility issues faced by traditional API hooking methods, but also allows different processes to be adjusted to different run levels with specified privileges, while providing very fine-grained discretionary access control.