Methods of keeping track
- Protection matrix - Table of domain versus object. Each
entry gives the rights that domain has to an object. Domains
can be modeled as objects with an ENTER right.
- Access control lists (ACL):
- Each object has an ordered list of domains and associated rights.
- Unix represents the ACL by 9 bits.
- NT
- has an ACL (access control list) with ACE (access control entries).
- when user creates an object, three mutually exclusive rules are
applied to determine access control list:
- Caller explicitly supplies ACL.
- Caller has not supplied ACL and object has a name. System
looks in object directory's ACL for ACE's that are marked inherit.
- If neither of the two, system using default ACL from
caller's access token.
- Capability list:
- For domain have a list of objects with rights.
- Since domains are keeping their own rights, they must be
tamper proof:
- Use tagged architecture to indicate capability.
- Put C-list in the OS.
- Encript and sign.
Capabilities have generic rights:
- Copy capability
- Duplicate object
- Remove capability
- Destroy object
SKILL: Understand protection domains
Revision Date: 2/6/98