Access Control Model

Creator

Creator

Created

Created

2024 Mar 15 5:13

Editor

Editor

Edited

Edited

2024 Apr 23 4:53

Refs

Refs

Hierarchy and Abstraction is important for efficiency within complexity perspective.

Subjects $S$ are things in the system that can act

Object $O$ are assets or objects in the system (acted upon)

Rights $R$ that need to be controlled

A Model for
File System

$S$ for processes

$O$ for files

$R$ are (read, write, execute, …)

ACL is better for access review and revocation on an object basis, while CAP is better for access review and revocation on a subject basis.

Access Control Modeling

Access Control Matrix

Access Control Lists

Capability Lists

Mostly combination in real implementation

Access Control Types

Discretionary Access Control

Mandatory Access Control

Originator Controlled Access Control

Role Based Access Control

Attributed Based Access Control

Recommendations

/////