{ "@context": "https://schema.org", "@type": "Organization", "name": "Brainscape", "url": "https://www.brainscape.com/", "logo": "https://www.brainscape.com/pks/images/cms/public-views/shared/Brainscape-logo-c4e172b280b4616f7fda.svg", "sameAs": [ "https://www.facebook.com/Brainscape", "https://x.com/brainscape", "https://www.linkedin.com/company/brainscape", "https://www.instagram.com/brainscape/", "https://www.tiktok.com/@brainscapeu", "https://www.pinterest.com/brainscape/", "https://www.youtube.com/@BrainscapeNY" ], "contactPoint": { "@type": "ContactPoint", "telephone": "(929) 334-4005", "contactType": "customer service", "availableLanguage": ["English"] }, "founder": { "@type": "Person", "name": "Andrew Cohen" }, "description": "Brainscape’s spaced repetition system is proven to DOUBLE learning results! Find, make, and study flashcards online or in our mobile app. Serious learners only.", "address": { "@type": "PostalAddress", "streetAddress": "159 W 25th St, Ste 517", "addressLocality": "New York", "addressRegion": "NY", "postalCode": "10001", "addressCountry": "USA" } }

4. Access Control Models Flashcards

(12 cards)

1
Q

What is DIscetionary Access Control?

A

DAC is a means of restricting access to objects based on the identity of subjects and/or the groups to which they belong.
The controls are clled discretionary because a subject with a certain access permission can pass that permission (possible indirectly) to any other subject, unless mandatory access control prevents it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Is DAC subject centered or object?

A

Subject centered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Give an example of DAC

A

unix/inux is a system using DAC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Mandatory Access Control?

A

MAC is a means of restricting access to objects based on sensitivity (represented by a label) of the information within the objects and the formal authorization (clearance) of subjects to access information of that sensitivity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

is MAC subject centered or object?

A

Object Centered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Give an example of MAC

A

SELinux is a system using MAC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Access Control List (ACL)

A
  • ACL is a list of permissions attached to an object (file)
  • The list specifies who or what is allowed to access the object and what operations are permitted.
  • An ACL consists of entries like [user, operations]
  • ACL’s can be used for both DAC and MAC
  • if the acl is decided by the user, it’s DAC; if its decided by the sysem admin, its MAC.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the Pro’s of MAC?

A
  • Stronger Security, as policy is centrally managed.
  • Centralised control
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the Con’s of MAC?

A
  • Less flexible for users and can be more complex to setup
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the Pro’s of DAC?

A
  • Flexibility and Simplicity
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the Con’s of DAC?

A
  • Inconsistent security
  • Lack of centralised control.
  • Prone to trojan horse attacks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly