January 24, 2005

Implementing Access Controls

Access control (a brief refresher):

§         Objects – the items requested

§         Subjects – the entities that request access to the object through the reference monitor

§         Reference Monitor – the system that determines whether a subject may have access to an object


Multics ŕ Unix ŕ Linux/Windows

Security model:

Access control model:

§         Uses the ring structured security model

§         Specifies a domain in which a process can execute

§         Each piece of data has an access control item, represented as such: <b1,b2,b3>

o       The rings b1-b2 can read/write, the rings b2-b3 must use a gatekeeper to gain restricted access to the data



If (user==owner) then use owner

            Else if (user==group) then use group

            Else use other

GOOD UNIX FEATURES: decent protection, pretty flexible

BAD UNIX FEATURES: no mode between normal/super user (i.e. fine grain control isn’t possible), tempting to run as root, limited number of groups