domain protection and Access matrix and its implementation
A protection domain specifies the resources that a process may access. Each domain defines a set of objects and the types of operations that may be invoked on each object
https://youtu.be/uFIzD1k5S5U
Access rights are commonly associated with protection
domains.
A process executes
inside a protection domain.
The process then has the rights and privileges of the
domain.
Thus many processes can have the same rights if they execute
in the same domain. There are too many subjects, objects and access rights in a
normal system to explicitly keep information about all of them. So this
combining is the first attempt to decrease the amount of protection information
which the system needs to maintain. A domain is a collection of ordered pairs
- Access
matrix and its implementation
https://youtu.be/2YIhzk7tJI8
Access matrix in Operating System
Access Matrix is a security model of protection state in computer system. It is represented as a matrix. Access matrix is used to define the rights of each process executing in the domain with respect to each object. The rows of matrix represent domains and columns represent objects. Each cell of matrix represents set of access rights which are given to the processes of domain means each entry(i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
F1 F2 F3 PRINTER D1 read read D2 print D3 read execute D4 read write read write
According to the above matrix: there are four domains and four objects- three files(F1, F2, F3) and one printer. A process executing in D1 can read files F1 and F3. A process executing in domain D4 has same rights as D1 but it can also write on files. Printer can be accessed by only one process executing in domain D2. The mechanism of access matrix consists of many policies and semantic properties. Specifically, We must ensure that a process executing in domain Di can access only those objects that are specified in row i.
Policies of access matrix concerning protection involve which rights should be included in the (i, j)th entry. We must also decide the domain in which each process executes. This policy is usually decided by the operating system. The Users decide the contents of the access-matrix entries.
Access Matrix is a security model of protection state in computer system. It is represented as a matrix. Access matrix is used to define the rights of each process executing in the domain with respect to each object. The rows of matrix represent domains and columns represent objects. Each cell of matrix represents set of access rights which are given to the processes of domain means each entry(i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
| F1 | F2 | F3 | PRINTER | |
|---|---|---|---|---|
| D1 | read | read | ||
| D2 | ||||
| D3 | read | execute | ||
| D4 | read write | read write |
According to the above matrix: there are four domains and four objects- three files(F1, F2, F3) and one printer. A process executing in D1 can read files F1 and F3. A process executing in domain D4 has same rights as D1 but it can also write on files. Printer can be accessed by only one process executing in domain D2. The mechanism of access matrix consists of many policies and semantic properties. Specifically, We must ensure that a process executing in domain Di can access only those objects that are specified in row i.
Policies of access matrix concerning protection involve which rights should be included in the (i, j)th entry. We must also decide the domain in which each process executes. This policy is usually decided by the operating system. The Users decide the contents of the access-matrix entries.
Policies of access matrix concerning protection involve which rights should be included in the (i, j)th entry. We must also decide the domain in which each process executes. This policy is usually decided by the operating system. The Users decide the contents of the access-matrix entries.
Comments
Post a Comment