Question

In: Computer Science

in the context of access control , explain the concepts of access control matrix, access control...

in the context of access control , explain the concepts of access control matrix, access control list ,privilege control list and capability

Solutions

Expert Solution

Question: In the context of access control , explain the concepts of access control matrix, access control list ,privilege control list and capability

Ans: Access control can be defined as the security technique that maintains or controls the resources i.e who can use the resources, who can view the resources in the workout domain or in the computing domain.

So in context of access control we are going to explain the concept of access control matrix, access control list and what are the various control list and the capabilities.

Access Matrix: Access matrix is used for the implementation of protection model. In any matrix there are two different entries called as rows and columns. Rows are used to represent the domain and there can be a different kinds of domains like there can be user domain, process domain and there can be a procedure domain. So any of these three kinds of domains are represented with the help of rows in the matrix. Next is the column representation , columns represents the objects and these objects are actually the resources that are present in any operating system.

Working: Suppose we have four domains (D1,D2,D3 and D4). These four domains are specified as rows as shown in below image. Similarly, we have for example four objects(resources) let us suppose file1, file2, file3 and printer shown below.

Each entry in the matrix consists of a set of access rights. i.e say cell no (D4 , file 1 ) contains some information as shown.

The entry access say (i,j) defines the set of operations that a process, executing in domain Di can invoke an object Oj, e.g a process is executing in the domain D1 i.e i = 1 and it is accessing object 1 i.e file 1, we will follow the following syntax below:

access(i,j)

access(1,1) --> accessing domain 1 (D1) and object 1 (file1)

Now, let us suppose the select cell has an entry as "Read" (shown below), which means that access(1,1) has read access on file1. Similarly access(1,3) has entry Write i.e it will have the write privileges on file3.

Again if the command is given as access(2,print) means that the domain D2 has print access on resource(object) called as printer and so on is shown below in access matrix.

Now, it must be ensured that a process executing in domain Di can access only those objects specified in row i. i.e As per the below example D1 can have only read access on file 1 and file 3 and this doesn't have any other access.

Domain\Objects File1 File2 File3 Printer
D1 Read Read
D2 print
D3
D4 //////// write

Access Matrix

            Access control list on the basis of access matrix is not efficient i.e in ACL we are traversing a list to look for an Access Entry and in other case capability list is much efficient than ACL. On the other hand ACL provides high accountability as compared to Capability list. ACL have each and every information which element has which access and which has not but same is not the case with C-list (capability list)


Related Solutions

Definitions: subject: In the context of access control, an entity capable of accessing objects object: In...
Definitions: subject: In the context of access control, an entity capable of accessing objects object: In the context of access control, a resource to which access is controlled. role-based access control: Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles. Consider a private organization's information system where local restaurant health grades are processed and stored. Only authorized individuals such as those from the food...
Most IT professionals are familiar with the basic concepts surrounding authentication and access control systems. There...
Most IT professionals are familiar with the basic concepts surrounding authentication and access control systems. There are fewer professionals who have taken the time to consider the more granular characteristics of these controls and the options that are available for differentiation, selection, and implementation. Describe the combination of authentication and access controls that you believe best balance cost, complexity, and security. Support your position. Explain how domain trusts, isolation technologies, and the separation and organization of those technologies can support...
Describe the difference between authentication and access control. How do each of these concepts support the...
Describe the difference between authentication and access control. How do each of these concepts support the confidentiality and integrity of the data they protect? How does the “principle of least privilege” increase this support on the access control side? Describe how multi-factor authentication increases the confidence that someone is who they claim to be (i.e. that the person logging in is actually that person.)
In reference to network access control, describe some of the access control mechanism used by a...
In reference to network access control, describe some of the access control mechanism used by a network administrator to filter, inspect and detect different forms of traffic.
Access control" - Several "Access control" best practices were introduced this week. What is the goal...
Access control" - Several "Access control" best practices were introduced this week. What is the goal of "Access control"? Which "Access control" best practices would you recommend be implemented in a company accounting department?
Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC) layer.
Explain with appropriate diagrams the Logic Link Control (LLC) Layer and Medium Access Control (MAC) layer.
Define the following concepts: Subsistence economy Values in the context of development Attitudes in the context...
Define the following concepts: Subsistence economy Values in the context of development Attitudes in the context of development Institutions in the context of development Functionings in the context of development Capabilities in the context of development
Role-based access control (RBAC), an accepted model for access control in enterprise environments, may provide the...
Role-based access control (RBAC), an accepted model for access control in enterprise environments, may provide the means for conditions effectively restrict access based on rules and prerequisite conditions. However, there may be weaknesses in this approach. Provide strengths and weaknesses of role-based access control use in any size organization of your choice.
discuss depreciation in the context of the various accounting concepts
discuss depreciation in the context of the various accounting concepts
Explain how designing an access control standard relates to system security practices.
Explain how designing an access control standard relates to system security practices.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT