Lecture 3 - DAC and Access Matrices Flashcards
DAC?
Controls access based on the identity of the requestor and on access rules stating what requestors are and aren’t allowed to do
How is a DAC typically implemented?
Access Matrix
Why is an access matrix decomposed?
As it is sparse and hence inefficient
Decomposition by rows?
Capability tickets
Decomposition by columns?
ACL (Access Control List)
Advantage of ACLs?
- can contain a default
- convenient for determining who has access given an object
Disadvantages of ACLs?
Not convenient for determining the access rights
available to a specific user
Advantages of CTs?
Given a user, it is easy to determine the set of
access rights
Disadvantages of CTs?
Given a specific resource, it is difficult to determine the list of users
with specific access rights
* Tickets may be authorized to loan or given to others, dispersed
around the system —> security problem
How to solve the security issue with CTs?
- The operating system hold all tickets on behalf of users, but in a
region of memory inaccessible to users - Include an unforgeable token (e.g., a large random pass word, or a
cryptographic message authentication code) in the capability
Another way to represent DAC?
Authorization Table
- an entry for each subject / object relation access rights
Digraph
In a DAC model what is the protection state?
set of information at a given point in time that specifies the access rights for each subject with respect to each object
Why do we have a DAC model?
to represent protection state, enforce access rights and allow subjects to alter protection state (and hence rights)
What do we need to add to objects to represent the protection state?
- subjects
- processes
- devices
- memory locations
Access rights are named what in the DAC model?
Access attributes
