1 / 20

Discretionary Access Control Models

Outline. IntroductionAccess Control MatrixDistributed CompartmentsImplementations of ACMComparison of ACL

emlyn
Download Presentation

Discretionary Access Control Models

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Discretionary Access Control Models Adith Srinivasan

    2. Outline Introduction Access Control Matrix Distributed Compartments Implementations of ACM Comparison of ACL & CL

    3. Access Control Discretionary access control (DAC) is a kind of access control ' which restricts access to objects based on the identity of subjects and/or groups to which they belong'. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject Discretionary security models provide access control on an individual basis. Access Control matrix is a fundamental and widely used Disc Access control Model for enforcing security policies A security policy is a statement that specifies what privileges and limitations a certain subject has on an object Ex: subject s can access object x if it has not accessed object y.

    4. Access Control An access control is a function that given a subject and object pair(s,o) and a requested operation r , from s to o , returns a true value if requested is permitted The process of access validation is performed by a ‘reference monitor’ with a ACM for all subjects and objects Practically it is preferable to have separate reference monitors for different categories of subjects and objects.

    5. Access Control Model

More Related