Access control, authorization

Security in Computing (3rd Edition)

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 1 August 29, 2005 Doug Tygar, 2005 (cs161.org) CS 194-1 (CS 161) Access Control Doug Tygar (doug.tygar@gmail.com) September 2, 2005 cs161.org August 29, 2005 Doug Tygar, 2005 (cs161.org) Role of Access Control Before closing back doors we need to close front doors Access control: determines access to files & processes in OS We will return to these themes throughout the course August 29, 2005 Doug Tygar, 2005 (cs161.org) Classic models of security Computer security has its origin in military models of security Different levels of secrecy e.g. classified/secret/top secret Compartmentalized security e.g. nuclear, communications, etc. TS/SCI August 29, 2005 Doug Tygar, 2005 (cs161.org) Corresponding access control Classic model Mandatory Access Control (MAC) (we also use the abbreviation MAC for message authentication code) User controlled security Discretionary Access Control (DAC) August 29, 2005 Doug Tygar, 2005 (cs161.org) Subjects & Objects Subjects do things Objects have things done to them Access types are the things that are done August 29, 2005 Doug Tygar, 2005 (cs161.org) Subjects & Objects Subjects do things users, processes Objects have things done to them files, processes Access types are the things that are done read, write, append, list, detect, remove, execute 2 August 29, 2005 Doug Tygar, 2005 (cs161.org) Read and write are different Access types can be distinguished by whether they pass information Generally write passes information...
View Full Document

This note was uploaded on 01/29/2008 for the course CS 194 taught by Professor Joseph during the Fall '05 term at University of California, Berkeley.

Page1 / 5

Access control, authorization - 1 August 29, 2005 Doug...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online