Professional Documents
Culture Documents
Access Control
Access Control
Access Control
Juan can read FileA, can append to FileB, and can write to FileC. Pedro can append to FileA, can write to
FileB, and cannot access FileC.
1. Write the access control matrix M that specifies the described set of access rights for subjects
Juan and Pedro to objects FileA, FileB and FileC
1. What are the basic differences between access control lists (ACL) and capability lists (CLists)?
-The basic differences between the two is that access control lists are object-focused which
explains that for each object there is a list of subjects. On the contrary, capability lists are
opposite to the control lists since CLists are subject-focused which explains that for each
subject there is a list of objects. When using ACL, one would have to enumerate through the ACL
for each file in the set and delete the user from the file’s ACL. On the other hand, using CList,
one would directly get the user’s CList. ACLs require accessing and updating multiple ACLs.
CLists require accessing and updating one CList.
2. Write a set of access control lists for the situation given in exercise 1.
- ACL(FileA)= Juan: {read}, Pedro: {append}
- ACL(FileB)= Juan: {append}, Pedro: {write}
- ACL(FileC)= Juan: {write}, Pedro: {}
LPedro = Secret
LFileA = Unclassified,
LFileB = Secret,
We define roles
– Teller
– Clerk
– Administrator
We assign procedure