ITM 820 Lecture Notes - Lecture 4: Access Control, Access Control List, Public-Key Cryptography

Access control matrix (read, write, execute) not access. Solution to access control matrix = groups and roles: the tights are associated with groups and the user is added to the group. A group is a list of principles that do the same kind of task: roles: office admin, rights are assigned to the role. A role is a fixed set of access permissions. Roles can be applied to different groups. If you want to deactivate a user, delete the user from the os level. It is the meeting point for computer science and security engineering. Application, this level are found in different kinds of software. Middleware: applications such as dbms and bookkeeping package. Operating system: control include: system level access and communication ports: os typically authenticate principals using password and kerberos, once the authentication is done then the access is mediated to files. Hardware: os deals with hardware, provides control memory addresses a given process can access.