


A lecture note from the CS423UG Operating Systems course by Indranil Gupta. It covers protection domains, the access matrix, access control lists (ACLs), and capability lists. The lecture explains protection domains, the principle of least privilege, and the implementation of the access matrix and its challenges. It also discusses the use of ACLs and capability lists for managing file access, and their implementations.



CS423UG Operating Systems
CS 423UG - Operating Systems,
Indranil Gupta
A protection domain specifies the resources a process may access and the types of operations that may be invoked on the objects.
Need to know: The protection domain of a process should be as small as possible consistent with the need of that process to accomplish its assigned task.
Examples of three protection domains
Access Matrix with Domains as Objects
Process/User
On invocation of a method R on an object O by a process P running in a domain D:
- Search for the entry at the D'th row and O'th column
- Does this entry admit operation R?
- 1000 processes × 10000+ files/directories!
: the right and copy right is copied
- transfer: when a right is copied from one Domain to another, the old Domain loses the right.
- limited copy: a right can be copied, but not the right to copy.
- copy right: the right to copy a copy right is a separate right
- Per-object list of processes/domains that can access that object (and the type of access allowed)
- Each column in the access matrix.
On invocation of a method R on an object O by a process P running in a domain D:
- the ACL of object O is searched for D,
- Is there an entry in this ACL that admits operation R?
Empty entries in the Access Matrix can be discarded. Storage is proportional to the number of useful entries.
A default can be associated with an ACL so that any Domain not specified in the list can access the Objects using default methods.
It is easy for the owner of the Object to grant access to another Domain or revoke access.
- Search is easier, but processes can "find out" other objects' existence..!
- ACL entries can be for individual users or for a group of users.
- While opening a file, it is checked against the file's ACL
- The login to a system is checked against an ACL (usually the password file owned by root).
- Rlogins are checked against an .rhosts file that contains the names of machines from which an rlogin is permitted.
Implementation of Revocation with Capabilities
- Capabilities expire. The Domain must re-acquire them after a period, allowing delayed revocation.
- Objects keep back pointers to the capabilities that point to them. Expensive though.
- Capabilities go indirectly through a global table. The entry in the global table can be removed, invalidating the capability. It does not allow selective revocation.
- A key is kept with the capability and compared with a key stored with the object. On access, if the keys match, the access is permitted. The key in the object can be changed.
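The expiry, global-table and key schemes listed above can be modelled in a few lines of Python. This is an added example, not code from the lecture: the `Kernel` and `Capability` names, the slot numbers and the time values are hypothetical, capabilities are assumed to be unforgeable, and the back-pointer scheme is left out.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Capability:
    slot: int            # index into the global table (indirection scheme)
    rights: frozenset    # operations this capability admits
    key: bytes           # copy of the object's key at issue time (key scheme)
    expires: float       # time after which it must be re-acquired (expiry scheme)

class Kernel:
    """Hypothetical reference monitor; all names here are illustrative."""
    def __init__(self):
        self.table = {}  # global table: slot -> key stored with the object

    def register(self, slot):
        self.table[slot] = secrets.token_bytes(16)

    def issue(self, slot, rights, now, ttl):
        return Capability(slot, frozenset(rights), self.table[slot], now + ttl)

    def access(self, cap, op, now):
        if cap.slot not in self.table:
            return "denied: table entry removed"
        if now >= cap.expires:
            return "denied: expired"
        if not secrets.compare_digest(cap.key, self.table[cap.slot]):
            return "denied: key mismatch"
        return "ok" if op in cap.rights else "denied: right not held"

    def rekey(self, slot):   # key scheme: change the key stored with the object
        self.table[slot] = secrets.token_bytes(16)
    def drop(self, slot):    # indirection scheme: remove the global table entry
        del self.table[slot]

def demo():
    k = Kernel()
    k.register(0)
    k.register(1)
    a = k.issue(0, {"read"}, now=0, ttl=10)           # domain A, object 0
    b = k.issue(0, {"read", "write"}, now=0, ttl=10)  # domain B, object 0
    c = k.issue(1, {"read"}, now=0, ttl=10)           # domain A, object 1
    out = [k.access(a, "read", 5), k.access(a, "write", 5), k.access(a, "read", 10)]
    k.rekey(0)                       # revokes A's and B's capabilities together
    out += [k.access(a, "read", 5), k.access(b, "write", 5)]
    fresh = k.issue(0, {"read"}, now=5, ttl=10)       # re-acquired after rekey
    out.append(k.access(fresh, "read", 6))
    k.drop(1)
    out.append(k.access(c, "read", 5))
    return out
```

With a single key per object, changing the key invalidates every outstanding capability for that object at once, just as removing the global table entry does; a Domain that should keep access has to re-acquire a capability.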
- Do-it-easy MP's are less a learning experience than challenging MP's
- Remember Yeats: