
Module-4.2 0

1. Access control involves a reference monitor that checks permissions by comparing the user, requested action, and policy to determine if access should be allowed or denied.
2. Access control can be implemented via access control lists that associate permissions with each resource, or capabilities that act as unforgeable tickets passed between processes.
3. Role-based access control assigns permissions to roles like administrator or user, and users inherit permissions of the roles they are assigned, providing flexibility as users change over time.

Uploaded by Harpreet Singh
Copyright © All Rights Reserved

Module 4.2
Access Control Concepts
Access control
Assumptions
System knows who the user is
Authentication via name and password, other credentials
Access requests pass through gatekeeper (reference monitor)
System must not allow monitor to be bypassed

[Figure: user process -> access request -> reference monitor (consults policy) -> resource]
Access Control Terminology (continued)
Access Control Terminology
Access Control Models (continued)
Access control matrix [Lampson]
Rows are subjects, columns are objects

            File 1   File 2   File 3   ...     File n
User 1      read     write    -        -       read
User 2      write    write    write    -       -
User 3      -        -        -        read    read
...
User m      read     write    read     write   read


Implementation concepts
Access control list (ACL)
Store column of matrix with the resource
Capability
User holds a ticket for each resource
Two variations
store row of matrix with user, under OS control
unforgeable ticket in user space

            File 1   File 2   ...
User 1      read     write    -
User 2      write    write    -
User 3      -        -        read
...
User m      read     write    write

Access control lists are widely used, often with groups


Some aspects of capability concept are used in many systems
Access Control List (ACL)
A set of permissions attached to an object
Specifies which subjects are allowed to access the object
And what operations they can perform on it
Every file and folder has an ACL
Access control entry (ACE)
Each entry in the ACL table in the Microsoft Windows, Linux, and Mac OS X operating systems
ACL vs Capabilities
Access control list
Associate list with each object
Check user/group against list
Relies on authentication: need to know user
Capabilities
Capability is unforgeable ticket
Random bit sequence, or managed by OS
Can be passed from one process to another
Reference monitor checks ticket
Does not need to know identity of user/process
ACL vs Capabilities
[Figure: the same three processes under each model]

             ACL model (runs as)   Capability model (holds)
Process P    User U                Capability c, d, e
Process Q    User U                Capability c, e
Process R    User U                Capability c
ACL vs Capabilities
Delegation
Cap: Process can pass capability at run time
ACL: Try to get owner to add permission to list?
More common: let other process act under current user
Revocation
ACL: Remove user or group from list
Cap: Try to get capability back from process?
Possible in some systems if appropriate bookkeeping
OS knows which data is capability
If capability is used for multiple resources, have to revoke all or none
Indirection: capability points to pointer to resource
If C → P → R, then revoke capability C by setting P=0
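
The indirection scheme above (capability C points to pointer P, which points to resource R, and revocation sets P = 0), as an added Python example that is not part of the original slides. The names `ReferenceMonitor`, `new_slot`, `mint`, `revoke` and `access` are assumptions, and giving each delegate its own slot so that one can be revoked without the other goes beyond what the slide states.

```python
import secrets

class ReferenceMonitor:
    """Constructed toy monitor: capability C -> pointer slot P -> resource R."""

    def __init__(self):
        self._slots = {}  # P: slot id -> resource name, or None once revoked
        self._caps = {}   # C: unforgeable token -> (slot id, rights)

    def new_slot(self, resource):
        """Owner/OS side: allocate an indirection pointer P for a resource."""
        slot = len(self._slots)
        self._slots[slot] = resource
        return slot

    def mint(self, slot, rights):
        """Owner/OS side: issue a ticket C that points at slot P."""
        token = secrets.token_hex(16)  # random bit sequence, infeasible to guess
        self._caps[token] = (slot, frozenset(rights))
        return token

    def revoke(self, slot):
        """Owner/OS side: set P = 0; every ticket through this slot dies."""
        self._slots[slot] = None

    def access(self, token, action):
        """Process side: only the ticket is checked, never the caller's identity."""
        entry = self._caps.get(token)
        if entry is None:
            return None  # forged or unknown ticket
        slot, rights = entry
        resource = self._slots[slot]
        if resource is None or action not in rights:
            return None  # revoked (P = 0) or right not granted
        return f"{action}:{resource}"

def demo():
    rm = ReferenceMonitor()
    p1, p2 = rm.new_slot("file1"), rm.new_slot("file1")
    cap_p = rm.mint(p1, {"read", "write"})  # held by P, passed unchanged to R
    cap_q = rm.mint(p2, {"read"})           # Q is given its own slot
    before = [rm.access(cap_p, "write"), rm.access(cap_q, "read"),
              rm.access(cap_q, "write"), rm.access("guessed-token", "read")]
    rm.revoke(p1)  # kills cap_p for P and R alike; cap_q still resolves via p2
    after = [rm.access(cap_p, "write"), rm.access(cap_q, "read")]
    return before, after
```

Revoking `p1` needs no cooperation from the processes holding the ticket, which is the bookkeeping the slide refers to: the monitor, not the holder, owns the pointer.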
Roles (aka Groups)
Role = set of users
Administrator, PowerUser, User, Guest
Assign permissions to roles; each user gets permission
Role hierarchy
Partial order of roles
Each role gets permissions of roles below
List only new permissions given to each role
[Figure: role hierarchy, top to bottom: Administrator, PowerUser, User, Guest]
Role-Based Access Control
[Figure: Individuals -> Roles (engineering, marketing, human res) -> Resources (Server 1, Server 2, Server 3)]

Advantage: users change more frequently than roles


Access control summary
Access control involves reference monitor
Check permissions: user info, action yes/no
Important: no way around this check
Access control matrix
Access control lists vs capabilities
Advantages and disadvantages of each
Role-based access control
Use group as user info; use group hierarchies
