Operating Systems Lecture Notes

2014 December 2 • Security Mechanisms


Outline

System Model

Objective

What For?

Policy and Mechanism

Access Matrix

Access Matrix Use

Dynamic Rights Assignment

Access Matrix Observations

Domains

Implementation

A Matrix Implementation

  • Implement the access matrix as a sparse matrix.
  • A list of (domain, object, ops) triples.
  • Can domain i perform op on object i?
  • Problems: huge, inarticulate.

    ACL Example

    Column-Based Implementation

    Row-Based Implementation

    Blob-Based Implementation

    MULTIX Protection

    MULTIX Illustrated

    Unix Protection

    Unix Protection Objects

    Unix Example

    Summary

    References


    This page last modified on 2011 October 9.

    Creative
    Commons License