Firewall Trusted System
One axis of an access matrix consists of identified subjects that may attempt data access,
the other lists objects that may be accessed, and each entry in the matrix indicates the access
rights of that subject for that object.
Data Access Control.
Access control list.
• Decomposition of the matrix by columns.
• An access control list lists users and their permitted access rights.
• The list may contain a default or public entry.
Data Access Control.
Capability list.
• Decomposition of the matrix by rows.
• A capability ticket specifies authorized objects and operations for a
user.
• Each user has a number of tickets.
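The two decompositions described above, shown on one small access matrix. This is an added example, not part of the original slides; the subjects, objects, rights, the "*" marker for the public entry, and the rule that an explicit ACL entry takes precedence over the public one are all assumptions made for illustration.

```python
from collections import defaultdict

PUBLIC = "*"  # assumed marker for the default/public ACL entry

# Constructed access matrix: (subject, object) -> rights
MATRIX = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("alice", "report.txt"): {"own", "read", "write"},
    (PUBLIC, "report.txt"): {"read"},
}

def to_acls(matrix):
    """Decompose by columns: one ACL per object, {subject: rights}."""
    acls = defaultdict(dict)
    for (subject, obj), rights in matrix.items():
        acls[obj][subject] = set(rights)
    return dict(acls)

def to_capabilities(matrix):
    """Decompose by rows: one ticket list per named subject, {object: rights}."""
    caps = defaultdict(dict)
    for (subject, obj), rights in matrix.items():
        if subject != PUBLIC:  # the public entry belongs to the ACL, not to a user
            caps[subject][obj] = set(rights)
    return dict(caps)

def acl_allows(acls, subject, obj, right):
    """The object is consulted: explicit entry first, else the public entry."""
    acl = acls.get(obj, {})
    rights = acl.get(subject, acl.get(PUBLIC, set()))
    return right in rights

def cap_allows(caps, subject, obj, right):
    """The subject's tickets are consulted; no ticket means no access."""
    return right in caps.get(subject, {}).get(obj, set())

ACLS = to_acls(MATRIX)
CAPS = to_capabilities(MATRIX)

if __name__ == "__main__":
    for who, obj, right in [("bob", "payroll.db", "write"),
                            ("carol", "report.txt", "read"),
                            ("carol", "payroll.db", "read")]:
        print(who, obj, right,
              "acl:", acl_allows(ACLS, who, obj, right),
              "cap:", cap_allows(CAPS, who, obj, right))
```

For every explicit matrix entry the two checks agree; they differ only for carol on report.txt, where the ACL's public entry grants read but no ticket exists.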
Concept of Trusted System.
• A widely applicable approach for protection of data and resources is based
on levels of security.
• This is commonly found in the military, where information is categorized as
unclassified (U), confidential (C), secret (S), top secret (TS), or beyond.
• This concept is equally applicable in other areas, where information can be
organized into categories and users can be granted clearances to access
certain categories of data.