Protection, Pt. 1 Flashcards
Principle of Least Privilege
Programs, users, and systems should be given just enough privileges to perform their tasks
Need to Know Principle
At any time, a process should be able to access only those resources that it currently requires to complete its task
Policies vs. Mechanisms
- Policies decide what should be done
- Mechanisms decide how it should be done
A process operates within a…
…protection domain
Access Rights
An access right is a pair <object-name, rights-set>, where the rights set is a subset of all valid operations that can be performed on that object
Static Association
- The set of resources available to a process is fixed for its whole lifetime (the process never leaves its domain)
- Difficult to maintain the Need to Know Principle: the domain must hold every right the process will ever need, so most of the time it holds more than it currently requires
Dynamic Association
Processes can switch from one domain to another to access objects or perform needed operations
What can be a Domain?
- Each user is a domain (domain switching happens when the user changes, e.g. one user logs out and another logs in)
- Each process is a domain (domain switching is message passing between processes)
- Each procedure is a domain (domain switching is a procedure call; the callee runs with the rights of its own domain, not the caller's)
Access Matrix
- Rows represent domains, columns represent objects
- Entry (i, j) defines the set of operations that a process executing in domain D_i can invoke on object O_j
Domain Switching in a Matrix
- Treat domains as objects too: add a column for each domain D_j to the access matrix
- Put a switch right in entry (i, j) to allow a process in domain D_i to switch to domain D_j; without that entry the switch is refused
Dynamic Protection with a Matrix
Entries of the access matrix are changed at run time (rights are added, removed, or copied); these changes are themselves operations on the matrix and are guarded by special rights stored in it
Special Access Rights
- Copy (denoted R*: a domain holding R* in entry (i, j) can copy right R into another entry of the same column j, i.e. to another domain for the same object; variants are transfer, where the source loses R*, and limited copy, where only R and not R* is propagated)
- Owner (a domain holding owner in entry (i, j) can add or remove any right in column j, i.e. for object O_j)
- Control (only meaningful when the object is a domain: a domain holding control in entry (i, j) can remove any right from row j, i.e. from domain D_j)
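The following Python toy implements the access matrix from these cards, with domains added as columns so that switching, copy (R*), owner and control are all ordinary rights checked before the matrix is changed. It is an added example written for this page, not code from any operating system; the class and method names, the domain/object names, and the choice of the limited-copy variant (R* propagates only R) are assumptions.

```python
"""Access matrix with domain switching and the copy, owner and control rights.

Constructed example for this page. Rows are domains, columns are objects, and
each domain is also an object so that a 'switch' right can live in the matrix.
"""
from collections import defaultdict


class AccessMatrix:
    def __init__(self, domains, objects):
        self.domains = set(domains)
        # Domains are objects too: this is what makes domain switching
        # expressible as an entry in the matrix.
        self.objects = set(objects) | self.domains
        self._m = defaultdict(set)  # (domain, object) -> set of rights

    def grant(self, domain, obj, *rights):
        assert domain in self.domains and obj in self.objects, "unknown domain/object"
        self._m[(domain, obj)].update(rights)

    def rights(self, domain, obj):
        return set(self._m.get((domain, obj), ()))

    def allowed(self, domain, obj, op):
        """Reference-monitor check: entry (i, j) must contain op."""
        return op in self.rights(domain, obj)

    # Domain switching: a 'switch' right in column D_j of row D_i.
    def switch(self, current, target):
        if target not in self.domains or not self.allowed(current, target, "switch"):
            raise PermissionError(f"{current} may not switch to {target}")
        return target

    # Copy right: R* in (i, j) lets D_i copy R into another row of column j only.
    def copy(self, src, obj, right, dst, transfer=False):
        if right + "*" not in self.rights(src, obj):
            raise PermissionError(f"{src} lacks {right}* on {obj}")
        self._m[(dst, obj)].add(right)        # limited copy: '*' not propagated
        if transfer:                           # transfer variant: source loses it
            self._m[(src, obj)].discard(right + "*")

    # Owner right in (i, j): D_i may add or remove any right in column j.
    def owner_add(self, owner, obj, target_domain, right):
        if not self.allowed(owner, obj, "owner"):
            raise PermissionError(f"{owner} does not own {obj}")
        self._m[(target_domain, obj)].add(right)

    def owner_remove(self, owner, obj, target_domain, right):
        if not self.allowed(owner, obj, "owner"):
            raise PermissionError(f"{owner} does not own {obj}")
        self._m[(target_domain, obj)].discard(right)

    # Control right in (i, D_j): D_i may remove any right from row D_j.
    def control_remove(self, controller, target_domain, obj, right):
        if not self.allowed(controller, target_domain, "control"):
            raise PermissionError(f"{controller} does not control {target_domain}")
        self._m[(target_domain, obj)].discard(right)


def attempt(fn, *args):
    """Return True if the guarded operation was permitted, False if refused."""
    try:
        fn(*args)
        return True
    except PermissionError:
        return False


def demo():
    """Walk through the cards' scenarios and report what the monitor decided."""
    m = AccessMatrix(domains=["D1", "D2", "D3"], objects=["F1", "F2", "printer"])
    m.grant("D1", "F1", "read", "owner")    # D1 owns F1
    m.grant("D1", "F2", "write*")           # D1 may hand out 'write' on F2
    m.grant("D2", "F1", "read")
    m.grant("D2", "D3", "switch")           # D2 may move into D3
    m.grant("D3", "printer", "print")
    m.grant("D1", "D2", "control")          # D1 controls row D2

    out = {}
    out["d2_print_before"] = m.allowed("D2", "printer", "print")
    cur = m.switch("D2", "D3")              # dynamic association in action
    out["d3_print_after_switch"] = m.allowed(cur, "printer", "print")
    out["d3_switch_back_blocked"] = not attempt(m.switch, "D3", "D2")

    m.copy("D1", "F2", "write", "D3")       # same column only
    out["copy_gives_write"] = m.rights("D3", "F2") == {"write"}
    out["copy_to_other_column_blocked"] = not attempt(m.copy, "D1", "F1", "write", "D3")
    out["unauthorized_copy_blocked"] = not attempt(m.copy, "D2", "F1", "read", "D3")

    m.owner_add("D1", "F1", "D3", "write")
    out["owner_grant"] = m.allowed("D3", "F1", "write")
    out["non_owner_blocked"] = not attempt(m.owner_add, "D2", "F1", "D3", "write")

    m.control_remove("D1", "D2", "F1", "read")
    out["control_revoke"] = not m.allowed("D2", "F1", "read")
    out["control_wrong_row_blocked"] = not attempt(m.control_remove, "D1", "D3", "printer", "print")
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Note that every mutation goes through the same `allowed` check as ordinary reads and writes, and that `copy` is confined to one column: a domain that can hand out write on F2 gains nothing on F1, which is the whole point of keeping the copy right per entry.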