*If you can not answer it!!! please don\'t waste your time to post the solution.

Question

*If you can not answer it!!! please don't waste your time to post the solution.

The model of protection in a computer system can be viewed as an access control matrix, with rows representing objects (for example files), and columns representing domains (for example users). Each entry in the matrix represents the access rights of the domain to the object. Consider the access control matrix below:

http://imageshack.us/photo/my-images/641/matrixy.png/

Assume that each user (domain) is the owner of the file (object) with the name starting with their initial, i.e. Anna owns Afile, Bill owns Bfile etc. Represent the access control matrix in the table above using protection scheme available in UNIX. You will need to define groups of users.

Explanation / Answer

In computer science, an Access Control Matrix or Access Matrix is an abstract, formal security model of protection state in computer systems, that characterizes the rights of each subject with respect to every object in the system. It was first introduced by Butler W. Lampson in 1971. Definition:- According to the model, the protection state of a computer system can be abstracted as a set of objects O, that is the set of entities that needs to be protected (e.g. processes, files, memory pages) and a set of subjects S, that consists of all active entities (e.g. users, processes). Further there exists a set of rights R of the form r(s,o), where s in S, o in O and r(s,o) subseteq R. A right thereby specifies the kind of access a subject is allowed to process object. Example In this matrix example there exists two processes, a file and a device. The first process has the ability to execute the second, read the file and write some information to the device, while the second process can only send information to the first. Asset 1 Asset 2 file device Role 1 read, write, execute, own execute read write Role 2 read read, write, execute, own Utility Because it does not define the granularity of protection mechanisms, the Access Control Matrix can be used as a model of the static access permissions in any type of access control system. It does not model the rules by which permissions can change in any particular system, and therefore only gives an incomplete description of the system's access control security policy. An Access Control Matrix should be thought of only as an abstract model of permissions at a given point in time; a literal implementation of it as a two-dimensional array would have excessive memory requirements. Capability-based security and access control lists are categories of concrete access control mechanisms whose static permissions can be modeled using Access Control Matrices. Although these two mechanisms have sometimes been presented (for example in Butler Lampson's Protection paper) as simply row-based and column-based implementations of the Access Control Matrix, this view has been criticized as drawing a misleading equivalence between systems that does not take into account dynamic behaviour.

Related Questions

Navigate

• Browse (All)
• Browse #
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.