Slide #2-1
Access Control Matrix
• Overview
• Access control matrix model
• Protection state
  – Commands
  – Conditional Commands
Slide #2-2
Overview
• Protection state of the system
  – Describes current settings, values of system relevant to protection
• Access control matrix
  – Describes protection state precisely
  – Matrix describing rights of subjects
  – State transitions change elements of matrix
Slide #2-3
Description
[Figure: matrix with one row per subject $s_1, \ldots, s_n$ and one column per object (entity) $o_1, \ldots, o_m, s_1, \ldots, s_n$]
• Subjects $S = \{ s_1, \ldots, s_n \}$
• Objects $O = \{ o_1, \ldots, o_m \}$
• Rights $R = \{ r_1, \ldots, r_k \}$
• Entries $A[s_i, o_j] \subseteq R$
• $A[s_i, o_j] = \{ r_x, \ldots, r_y \}$ means subject $s_i$ has rights $r_x, \ldots, r_y$ over object $o_j$
Slide #2-4
Example
• Processes p, q
• Files f, g
• Rights r, w, x, a, o

        f      g      p       q
  p     rwo    r      rwxo    w
  q     a      ro     r       rwxo
Slide #2-5
Example 2
• Procedures inc_ctr, dec_ctr, manage
• Variable counter
• Rights +, –, call

             counter   inc_ctr   dec_ctr   manage
  inc_ctr    +
  dec_ctr    –
  manage               call      call      call
Slide #2-6
State Transitions
• Change the protection state of the system
• $\vdash$ : represents a state transition
  – $X_i \vdash_\tau X_{i+1}$: command $\tau$ moves system from state $X_i$ to $X_{i+1}$
  – $X_i \vdash^* X_{i+1}$: a sequence of commands moves system from state $X_i$ to $X_{i+1}$
• Commands often called transformation procedures
Slide #2-7
Primitive Operations
• create subject s; create object o
  – Creates new row, column in ACM; creates new column in ACM
• destroy subject s; destroy object o
  – Deletes row, column from ACM; deletes column from ACM
• enter r into A[s, o]
  – Adds r rights for subject s over object o
• delete r from A[s, o]
  – Removes r rights from subject s over object o
Slide #2-8
Creating a File
• Process p creates file f with r and w rights
    command create•file(p, f)
        create object f;
        enter own into A[p, f];
        enter r into A[p, f];
        enter w into A[p, f];
    end
Slide #2-9
Mono-Operational Commands
• Make process p the owner of file g
    command make•owner(p, g)
        enter own into A[p, g];
    end
• Mono-operational command
  – Single primitive operation in this command
Slide #2-10
Conditional Commands
• Let p give q r rights over f, if p owns f
    command grant•read•file•1(p, f, q)
        if own in A[p, f]
        then
            enter r into A[q, f];
    end
• Mono-conditional command
  – Single condition in this command
Slide #2-11
Multiple Conditions
• Let p give q r and w rights over f, if p owns f and p has c rights over q
    command grant•read•file•2(p, f, q)
        if own in A[p, f] and c in A[p, q]
        then
            enter r into A[q, f];
            enter w into A[q, f];
    end
Slide #2-12
Key Points
• Access control matrix simplest abstraction mechanism for representing protection state
• Transitions alter protection state
• 6 primitive operations alter matrix
  – Transitions can be expressed as commands composed of these operations and, possibly, conditions