Chapter 15: Access Control Mechanisms - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

Chapter 15: Access Control Mechanisms

Description:

Tagged architecture set of bits associated with each word that controls ... Cryptographic checksums - used to check the integrity of the data. 6 ... Locks and Keys ... – PowerPoint PPT presentation

Number of Views:85
Avg rating:3.0/5.0
Slides: 8
Provided by: xx48
Category:

less

Transcript and Presenter's Notes

Title: Chapter 15: Access Control Mechanisms


1
Chapter 15 Access Control Mechanisms
  • Dr. Wayne Summers
  • Department of Computer Science
  • Columbus State University
  • Summers_wayne_at_colstate.edu
  • http//csc.colstate.edu/summers

2
Access Control Lists
  • Let S be the set of subjects and R the set of
    rights of a system. An access control list (ACL)
    l is a set of pairs l (s,r) s e S r R.
    Let acl be a function that determines the access
    control list l associated with a particular
    object o. The interpretation of the access
    control list acl(o) si,ri) 1 i n
  • Ex. UNIX uses three sets of users (owner, group,
    world) and three types of rights (read (r), write
    (w), and execute (x). ACL of a file can be
    represented by rw-r--r--

3
Access Control Lists Issues
  • Which subjects can modify an objects ACL?
  • If there is a privileged user (root,
    administrator), do the ACLs apply to that user?
  • Does the ACL support groups or wildcards?
  • How are contradictory access control permissions
    handled?
  • If a default setting is allowed, do the ACL
    permissions modify it, or is the default used
    only when the subject is not explicitly mentioned
    in the ACL?

4
Capabilities
  • Let O be the set of objects and R the set of
    rights of a system. A capability list c is a set
    of pairs c (o,r) o e O r R. Let cap be a
    function that determines the capability list c
    associated with a particular subject s. The
    interpretation of the capability list cap(s)
    oi,ri) 1 i n is that subject s may access
    oi using any right in ri

5
Implementation of Capabilities
  • Tagged architecture set of bits associated with
    each word that controls whether a word can be
    read/written
  • Protection bits associated with paging /
    segmentation of memory
  • Cryptographic checksums - used to check the
    integrity of the data

6
Comparing Access Control Lists Capabilities
  • Given a subject, what objects can it access, and
    how?
  • Better to use capabilities
  • Given an object, what subjects can access it, and
    how?
  • Better to use ACLs

7
Locks and Keys
  • A piece of information (lock) is associated with
    the object and a second piece of information
    (key) is associated with the subject.
  • Dynamic system
  • Ex. Type checking label data different from
    instructions and only allow instructions to be
    executed
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Chapter 15: Access Control Mechanisms" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!