LectureNote3-HRU

LectureNote3-HRU - AUTHORIZATION & ACCESS C ONTROL D...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
HRU M ODEL OF A UTHORIZATION S YSTEM A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 31 / 124
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
HRU Model for Authorization Systems A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 32 / 124 Objective We want to be able to specify the dynamic propagation of access rights We want to be able to analyze the protection scheme provided by the system under the dynamic nature of the system M.Harrison, W. Ruzzo, J. Ullman. Protection in Operating Systems, Comm. of ACM 19(8), August 1976 Introduces the concepts of authorization systems and safety of such systems
Background image of page 2
HRU Model - Protection System A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 33 / 124 Consists of An initial access matrix The initial state A finite set of HRU commands expressed as a program that operates on the access matrix We call this the Protection Scheme / Authorization Scheme / Protection System / Authorization System
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
HRU Model A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 34 / 124 At any time the access matrix gives the set of access rights subjects have to objects in the system The access matrix changes by the execution of authorized HRU commands as autonomously invoked by subjects
Background image of page 4
HRU Program A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 35 / 124 Command < name > ( X 1 ,...,X n ) if / * test condition * / p A [ X i , X j ] q A [ X k , X l ] ... then / * sequence of primitive operations * / enter / delete privilege in cell create / delete object create / delete subject . . . F End
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
HRU Characteristics A UTHORIZATION A CCESS C ONTROL D ISCRETIONARY A CCESS C ONTROL HRU M ODEL OF A UTHORIZATION S YSTEM M ANDATORY A CCESS C ONTROL L ATTICE B ASED A CCESS C ONTROL M ODELS C OMMERCIAL S ECURITY CS 556 - Computer Security - c c 2009 Colorado State University – 36 / 124 The HRU program is executed only when the condition is satisfied condition = conjunction of tests test
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 26

LectureNote3-HRU - AUTHORIZATION &amp; ACCESS C ONTROL D...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online