feb02 - CS 426 class Jan 26, 2012

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CS 426 class Jan 26, 2012 www.cs.purdue.edu/homes/ssw/cs426/{index.html,syll.pdf,outline} (General purpose) Operating System security Access protection of general objects Procedure-oriented access control A procedure owns and protects an object, allowing only certain kinds of access. It forms a capsule around the object Example: OS proc controls list of valid users (add, del, check) Example: mail: append only to another user's mail box. Role-based access control These associate privileges with groups Access control keeps up with a user who changes group. File protection mechanisms All or none: anyone can use; or only those with password. many problems Group protection: user, group, others; as in UNIX based on <usrid, grpid> with disjoint groups - no sharing Persistent permission - can access iff on access list or have token (ticket) or password. revocation problems Temporary acquired permission: Unix set user id - suid applies to a program - when you run it, you run with the permissions of the pgm's owner; when pgm stops
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 02/23/2012 for the course CS 426 taught by Professor Staff during the Spring '08 term at Purdue University-West Lafayette.

Page1 / 2

feb02 - CS 426 class Jan 26, 2012

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online