Page 289 - DCAP103_Principle of operating system
Principles of Operating Systems
8.7 Keywords
Access Control Mechanisms: The manner by which the operating system enforces the access
control policy.
Access Control Policies: An access control policy defines “whose data is to be protected from
whom”.
DoD Policy: This publication, DoD 5200.28-STD, “Department of Defense Trusted Computer
System Evaluation Criteria,” is issued under the authority of and in accordance with DoD
Directive 5200.28, “Security Requirements for Automatic Data Processing (ADP) Systems,” and
in furtherance of responsibilities assigned by DoD Directive 5215.
Workflow Management Coalition (WFMC): Workflow management is a fast-evolving technology
which is increasingly being exploited by businesses in a variety of industries.
System Protection: A model of protection mechanisms in computing systems is presented and
its appropriateness is argued. The “safety” problem for protection systems under this model is
to determine in a given situation whether a subject can acquire a particular right to an object.
In restricted cases, it can be shown that this problem is decidable, i.e. there is an algorithm
to determine whether a system in a particular configuration is safe. In general, and under
surprisingly weak assumptions, it cannot be decided if a situation is safe. Various implications
of this fact are discussed.
1. C program for file permissions.
2. Give the steps for protection of the operating system.
8.8 Review Questions
1. The access-control matrix could be used to determine whether a process can switch from,
say, domain A to domain B and enjoy the access privileges of domain B. Is this approach
equivalent to including the access privileges of domain B in those of domain A?
2. Consider a system in which “computer games” can be played by students only between
10 p.m. and 6 a.m., by faculty members between 5 p.m. and 8 a.m., and by the computer
center staff at all times. Suggest a scheme for implementing this policy efficiently.
3. What hardware features are needed for efficient capability manipulation? Can these be
used for memory protection?
4. Discuss the strengths and weaknesses of implementing an access matrix using access lists
that are associated with the objects.
5. Discuss the strengths and weaknesses of implementing an access matrix using capabilities
that are associated with the domains.
6. Explain why a capability-based system such as Hydra provides greater flexibility than the
ring protection scheme in enforcing protection policies.
7. What is the need-to-know principle? Why is it important for a protection system to adhere
to this principle?
8. How are the access-matrix facility and the role-based access-control facility similar? How
do they differ?
282 LOVELY PROFESSIONAL UNIVERSITY