access control Flashcards

1
Q

authentication vs authorization vs audit

A

> authentication refers to the VERIFICATION of a valid user/system entity

> authorization refers to granting permissions for user/system entity to access resources

> audit refers to the process of examining and reviewing system records

2
Q

what are the four access control policies

A

1) DAC: discretionary access control
2) MAC: mandatory access control
3) RBAC: role-based access control
4) ABAC: attribute-based access control

3
Q

what is a subject and how many are there

A

an entity capable of accessing objects
- owner
- group
- world

4
Q

access control matrix for DAC

A
  • rows are the users (user1, user2, …, usern)
  • columns are the files (file1, file2, …, filen)
  • {row, column} contains the permissions -> r, w, x
5
Q

access control list for DAC

A
  • has user name at the top then a horizontal line beneath it
  • beneath the horizontal lines are the access permissions->r,w,x then another horizontal line
  • below the horizontal line draw an arrow that points to another list for another user
6
Q

capability list for DAC

A
  • has file name at the top then a horizontal line beneath it
  • beneath the horizontal lines are the access permissions->r,w,x then another horizontal line
  • below the horizontal line draw an arrow that points to another list for another file
7
Q

steps triggered by an access attempt

A
  • Sn attempts to issue a request of type a for object X
  • the system generates a message to the controller for X as: {Sn,a,X}
  • the controller checks the access control matrix for a in A{Sn, X}
  • if true, then access is allowed
    else, a warning is issued
8
Q

what are inodes (index nodes)

A
  • a data structure in a file system that stores metadata and pointers to the actual data of a file
9
Q

what is stored in inodes

A
  • file attributes
  • permissions
  • control information
10
Q

what are the fields of inodes and what do they mean

A

1) UID: username of owner
2) GID: group of owner
3) atime: access time
4) mtime: modification time (file content)
5) ctime: alteration time (file metadata)
6) block count: size of file

11
Q

what is DAC

A

the resource owner has the ability to exercise control over access permissions for their resources

12
Q

what is MAC

A

access permissions are determined and enforced by a central authority or security policy
- predefined rules

13
Q

what is RBAC

A

access permissions are assigned based on predefined roles

14
Q

access control matrix for RBAC

A
  • rows are the users
  • columns are the roles
  • {row,column} = 1 or = 0 for every user