{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

feb02 - CS 426 class...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CS 426 class Jan 26, 2012 www.cs.purdue.edu/homes/ssw/cs426/{index.html,syll.pdf,outline} (General purpose) Operating System security Access protection of general objects Procedure-oriented access control A procedure owns and protects an object, allowing only certain kinds of access. It forms a capsule around the object Example: OS proc controls list of valid users (add, del, check) Example: mail: append only to another user's mail box. Role-based access control These associate privileges with groups Access control keeps up with a user who changes group. File protection mechanisms All or none: anyone can use; or only those with password. many problems Group protection: user, group, others; as in UNIX based on <usrid, grpid> with disjoint groups - no sharing Persistent permission - can access iff on access list or have token (ticket) or password. revocation problems Temporary acquired permission: Unix set user id - suid applies to a program - when you run it, you run with the permissions of the pgm's owner; when pgm stops
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 2

feb02 - CS 426 class...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon bookmark
Ask a homework question - tutors are online