FALLSEM2022-23 CBS3002 ETH VL2022230104384 2022-08-04 Reference-Material-I
Discretionary, mandatory, role-based and task-based models, unified models, access control
algebra, temporal and spatio-temporal models.
Access Control
• "The prevention of unauthorized use of a resource, including the
prevention of use of a resource in an unauthorized manner"
• Central element of computer security
• Assume the system has users and groups
– authenticate to system
– assigned access rights to certain resources on system
How does access control work?
Access control in physical world
Access control in software
Typical / bird's-eye view of access control (10,000 m)
Actual working of access control
Functionalities involved in Access control / Getting closer view
For the rest of the discussion
Access Control Model
Access control matrix = Permissions (Subject, Resource / Object)
OBJECTS – FILES / PROCESSES / DEVICES / MESSAGES / SYSTEM
SUBJECTS – ACTIVE ENTITIES (USERS, PROCESSES)
Graham-Denning Model contd…
Ability to add / delegate rights to control other users
Existing Models
• Identity based access control
• Multilevel Access Control
• Role based Access Control
• Attribute based Access Control
• Task-based access control
• Unified Models
• Temporal
• Spatio-temporal Models
RBAC models
• RBAC0 – Base model
• RBAC1 – Base model + Role hierarchy
• RBAC2 – Base model + Constraints
• RBAC3 – Consolidated model: base model with constraints and role hierarchy
• RBAC1, RBAC2, RBAC3 – Advanced models
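The four RBAC models above in one small reference monitor, as an added example that is not part of the original slides: the user/role/permission maps are RBAC0, role inheritance is RBAC1, a constraint is RBAC2, and enforcing both together is RBAC3. The role, user and object names are constructed for illustration, and static separation of duty (SSD) is assumed as the constraint type.

```python
class RBAC:  # RBAC3 = RBAC0 core + RBAC1 role hierarchy + RBAC2 constraints
    def __init__(self):
        self.role_perms = {}  # RBAC0: role -> {(operation, object)}
        self.user_roles = {}  # RBAC0: user -> directly assigned roles
        self.juniors = {}     # RBAC1: senior role -> junior roles it inherits
        self.ssd = []         # RBAC2: sets of mutually exclusive roles

    def grant(self, role, operation, obj):
        self.role_perms.setdefault(role, set()).add((operation, obj))

    def closure(self, roles):
        """Given roles plus every junior role reachable through the hierarchy."""
        seen, stack = set(), list(roles)
        while stack:
            r = stack.pop()
            if r not in seen:
                seen.add(r)
                stack.extend(self.juniors.get(r, ()))
        return seen

    def add_inheritance(self, senior, junior):
        if senior in self.closure({junior}):
            raise ValueError("role hierarchy must stay acyclic")
        self.juniors.setdefault(senior, set()).add(junior)

    def assign(self, user, role):
        # Constraints are checked against inherited roles too, not just direct ones.
        proposed = self.closure(self.user_roles.get(user, set()) | {role})
        for excl in self.ssd:
            if len(proposed & excl) > 1:
                raise PermissionError(f"SSD violation: {sorted(proposed & excl)}")
        self.user_roles.setdefault(user, set()).add(role)

    def check(self, user, operation, obj):
        roles = self.closure(self.user_roles.get(user, set()))
        return any((operation, obj) in self.role_perms.get(r, ()) for r in roles)

def build_demo():
    # Constructed policy; all role, user and object names are illustrative.
    m = RBAC()
    for role, op, obj in [("project_member", "read", "spec"), ("test_engineer", "write", "test_report"),
                          ("programmer", "write", "source"), ("auditor", "read", "audit_log")]:
        m.grant(role, op, obj)
    for senior, junior in [("test_engineer", "project_member"), ("programmer", "project_member"),
                           ("project_supervisor", "test_engineer"), ("project_supervisor", "programmer")]:
        m.add_inheritance(senior, junior)
    m.ssd.append(frozenset({"programmer", "auditor"}))
    m.assign("alice", "project_supervisor")
    return m
```

In this policy alice cannot also become an auditor, because project_supervisor inherits programmer and the constraint is evaluated over inherited roles.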
RBAC0
RBAC1
RBAC1
Private data of a test engineer