Controlling Accesses to Resources
– When the TCB (reference monitor) sees a request for a resource, how does it decide whether the request should be granted?
– Example: Should John’s process making a request to read a certain file be allowed to do so?
– Authentication establishes the source of a request
– Authorization, or access control, answers whether a given source of a request (user ID) is allowed to read the file
– The subject who owns a resource (creates it) should be able to control access to it
Access Control
Basically, it is about who is allowed to access what.
Two parts
– Decide who should have access to certain resources
– Enforcement – only accesses defined by the access control policy are granted
Complete mediation is essential for successful enforcement
An access control matrix (ACM) abstracts the state relevant to access control.
Rows of the ACM correspond to users/subjects/groups.
Columns correspond to resources that need to be protected.
The ACM defines who can access what.
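
The following is an added example, not part of the original notes: a small reference monitor built on an ACM, showing default deny, owner-controlled grants, and a check on every access (complete mediation). The class, method and helper names are hypothetical, and the subject passed in is assumed to have been authenticated already.

```python
# Added illustration; ReferenceMonitor and its method names are hypothetical.
class ReferenceMonitor:
    def __init__(self):
        self.acm = {}     # acm[subject][resource] -> set of rights (rows x columns)
        self.owner = {}   # resource -> subject that created it
        self.data = {}    # protected resources, reachable only via read()/write()
        self.audit = []   # one entry per access decision

    def _allowed(self, subject, resource, right):
        # Default deny: an empty or missing cell grants nothing.
        ok = right in self.acm.get(subject, {}).get(resource, set())
        self.audit.append((subject, resource, right, ok))
        return ok

    def _require_owner(self, subject, resource):
        if self.owner.get(resource) != subject:
            raise PermissionError(f"{subject} does not own {resource}")

    def create(self, subject, resource, content=""):
        if resource in self.owner:
            raise ValueError(f"{resource} already exists")
        self.owner[resource] = subject
        self.data[resource] = content
        self.acm.setdefault(subject, {})[resource] = {"read", "write"}

    def grant(self, grantor, subject, resource, right):
        self._require_owner(grantor, resource)
        self.acm.setdefault(subject, {}).setdefault(resource, set()).add(right)

    def revoke(self, grantor, subject, resource, right):
        self._require_owner(grantor, resource)
        self.acm.get(subject, {}).get(resource, set()).discard(right)

    def read(self, subject, resource):
        # Checked on every call, never cached: complete mediation.
        if not self._allowed(subject, resource, "read"):
            raise PermissionError(f"{subject} may not read {resource}")
        return self.data[resource]

    def write(self, subject, resource, content):
        if not self._allowed(subject, resource, "write"):
            raise PermissionError(f"{subject} may not write {resource}")
        self.data[resource] = content

def can(rm, op, *args):
    """Run one request; True if granted, False if the monitor refused it."""
    try:
        getattr(rm, op)(*args)
        return True
    except PermissionError:
        return False
```

Because the matrix is consulted on each request, a revoke by the owner takes effect on the very next access.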