LERSSE-PRESENTATION-2005-007 |
Konstantin Beznosov
16 October 2005
Abstract: Learning objectives: Comprehend the principles behind access control mechanisms used in today\\\\\\\'s: * operating systems, * middleware, * virtual machines. Overview: In this module, the principles behind access control mechanisms and policies employed in todays operating systems, middleware, and virtual machines are studied. Two key principles are at the basis of all protection mechanisms: * the Trusted Computing Base (TCB) * the Reference Monitor. Generic representations of access control policies follow: * Lampson Access Matrix, and its optimized forms, * Access Control Lists (ACLs) * Capabilities. The focus shifts to the main types of access control policies: * owner-based Discretionary Access Control (DAC), * lattice-based Mandatory Access Control (MAC), * Chinese Wall model, * Clark-Wilson model, and * role-based access control (RBAC).
Keyword(s): access control
Published in: Konstantin Beznosov, "Access Control," lecture given at the secure application development course SecAppDev course, Brussels, Belgium, Katholieke Universiteit Leuven, 28 February, 2005, pp.46. :
The record appears in these collections:
Talks/Presentations