Access Control 101

Security mechanisms and policies deal with:

• principals: users of the computer system
  simple principals vs. compound principals (e.g., groups)
  
• subjects: software entities acting on behalf of principals
  e.g., processes
  
• objects: physical and logical resources accessed by subjects
  generically: instances of classes (modules) and their methods
  
  e.g., files, message ports

Key problems for access control:

• authentication: which principal(s) does a subject represent?
• authorization: is a requested access permissible?

Previous slide

Next slide

Back to first slide

View graphic version