Professional Documents
Culture Documents
14.2
Objectives
Discuss the goals and principles of protection in a modern
computer system
14.3
Goals of Protection
Operating system consists of a collection of objects, hardware or
software
14.4
Principles of Protection
Guiding principle principle of least privilege
14.5
Domain Structure
Access-right = <object-name, rights-set>
14.6
User
Supervisor
UNIX
Domain = user-id
14.7
Multics Rings
Operating System Concepts
14.8
Access Matrix
View protection as a matrix (access matrix)
Rows represent domains
Columns represent objects
Access(i, j) is the set of operations that a process executing in
14.9
Access Matrix
Figure A
Operating System Concepts
14.10
owner of Oi
copy op from Oi to Oj
14.11
Mechanism
Policy
14.12
14.13
Figure B
14.14
14.15
14.16
14.17
Access Control
Protection can be applied to non-file resources
Solaris 10 provides role-based access control to implement least
privilege
14.18
14.19
Simple
Immediate
Reacquisition
Back-pointers
Indirection
Keys
14.20
Capability-Based Systems
Hydra
14.21
Language-Based Protection
Specification of protection in a programming language allows the
14.22
Protection in Java 2
Protection is handled by the Java Virtual Machine (JVM)
A class is assigned a protection domain when it is loaded by the
JVM.
The protection domain indicates what operations the class can (and
cannot) perform.
14.23
Stack Inspection
14.24
End of Chapter 14