In some circumstances easy model for transfer of


+ Easy model for transfer of privileges
– Hard to determine who can access an object
– Requires extra mechanism to allow revocation
– In network environment, need cryptographic methods to prevent forgery

CS 236 Online Lecture 3 Page 11

ACLs, Capabilities, Complete Mediation, & Performance
• Ideally, every data access should have access control independently applied
• Practicality of doing so depends on the performance costs
• What does it cost to use ACLs?
  – Capabilities?

Performance Issues of Access Control
• What if the status of the access control mechanism changed between when last checked and current access?
• Common case is nothing changes
• Different approaches possible
  – Actually check changeable data structure on each access
  – Give process something cheap and revocable that allows access

Access Control in the Distributed World
• ACLs still work OK
  – Provided you have a global namespace for subjects
  – And no one can masquerade
• Capabilities are more problematic
  – Their security relies on unforgeability

Using Cryptographic Capabilities
• Can cryptography make...
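The slides note that capabilities in a network need cryptographic protection against forgery and an extra mechanism for revocation. The sketch below is an added example, not taken from the lecture: it seals a capability with an HMAC and revokes by bumping a per-object generation counter. The key, the object path, the field names and the generation-counter scheme are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumption: only the object server knows this key (constructed demo value).
SERVER_KEY = b"constructed-demo-key"

# Assumed revocation mechanism: one generation counter per object.
# Bumping it invalidates every capability issued for that object.
generation = {"/payroll/q3.csv": 1}


def _tag(obj, rights, gen):
    # Canonical JSON so the same fields always produce the same bytes.
    msg = json.dumps([obj, sorted(rights), gen]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue(obj, rights):
    """Server side: mint a capability the holder can pass on but not alter."""
    gen = generation[obj]
    return {"obj": obj, "rights": sorted(rights), "gen": gen,
            "tag": _tag(obj, rights, gen)}


def check(cap, obj, right):
    """Server side: run on every access (complete mediation)."""
    expected = _tag(cap["obj"], cap["rights"], cap["gen"])
    if not hmac.compare_digest(expected, cap["tag"]):
        return False                      # forged or tampered fields
    if cap["obj"] != obj or cap["gen"] != generation.get(obj):
        return False                      # wrong object, or revoked
    return right in cap["rights"]


def revoke_all(obj):
    """Revoke every outstanding capability for obj."""
    generation[obj] += 1


if __name__ == "__main__":
    cap = issue("/payroll/q3.csv", ["read"])
    print(check(cap, "/payroll/q3.csv", "read"))
    tampered = dict(cap, rights=["read", "write"])
    print(check(tampered, "/payroll/q3.csv", "write"))
    revoke_all("/payroll/q3.csv")
    print(check(cap, "/payroll/q3.csv", "read"))
```

The per-access cost here is one HMAC computation plus one counter lookup, and the capability stays transferable because it is not bound to a subject; the price is that revocation is all-or-nothing per object.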

This document was uploaded on 11/01/2013.
