Cse443-lecture-4-aut - Lecture 4 Authorization CMPSC 443 Spring 2012 Introduction Computer and Network Security Professor Jaeger

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Lecture 4 - Authorization CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Why authenticate? Why do we want to verify the identity of a user? 2
Background image of page 2
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page A Brief History • Early computing systems had no isolation – Shared memory space – Shared fle space • Some physical limitations made this OK – Batch processing – Load the tape/disk For the application – Network? What network? • In the mid-60s people started to work on ʻ multiuser ʼ or ʻ time-sharing ʼ systems – What about a bug? – What about my data? • Mostly about protection 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Multiprogrammed Systems • Multics project – General purpose, multi-user system – Comprehensive security • Hardware protection • Subject labeling • Permission management • UNIX project – Spin-off of Multics project – A stripped-down multiuser system 4
Background image of page 4
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Control Access • An identity permits access to resources • In computer security this is called Access control Authorization In authorization, we talk about: Subjects (for whom an action is performed) Objects (upon what an action is performed) Operations (the type of action performed) Authorization limits a subject ʼ s access perform an operation on an object The combination of object and operations allowed are called a permission 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
CMPSC 443 Introduction to Computer and Network Security - Spring 2012 - Professor Jaeger Page Access Matrix • Describe all possible accesses – Operations of (S 2 ,O 2 ) – E.g., read, write, execute • Specify which users ʼ processes can access which Fles • Necessary to specify policy to protect users O 1 O 2 O 3 S 1 Y Y N S 2 N Y N S 3 N Y Y 6
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/11/2012 for the course CSE 443 taught by Professor Trentjaeger during the Spring '11 term at Pennsylvania State University, University Park.

Page1 / 23

Cse443-lecture-4-aut - Lecture 4 Authorization CMPSC 443 Spring 2012 Introduction Computer and Network Security Professor Jaeger

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online