Conventionally, an operating system isolates application-specific data at the granularity of user accounts. That is, applications running with different user accounts are isolated from each other. As a result, an application running with a user account cannot access data for the same application running with another user account. However, data for applications executing with the same user account are not isolated from each other. As a result, an application executing with a user account can access and even modify data for another application executing with the same user account. This can cause potential stability, security and management problems. Therefore, it is desirable to provide a mechanism to separate application-specific data among applications sharing a same user account.