Access Control Matrix
• Overview
• Access control matrix model
• Protection state
– Commands
– Conditional Commands

Overview
• Protection state of the system
– Describes current settings, values of system relevant to protection
• Access control matrix
– Describes protection state precisely
– Matrix describing rights of subjects
– State transitions change elements of matrix

Description
[Figure: access control matrix with one row per subject s1, …, sn and one column per object (entity) o1, …, om, s1, …, sn]
• Subjects $S = \{ s_1, \ldots, s_n \}$
• Objects $O = \{ o_1, \ldots, o_m \}$
• Rights $R = \{ r_1, \ldots, r_k \}$
• Entries $A[s_i, o_j] \subseteq R$
• $A[s_i, o_j] = \{ r_x, \ldots, r_y \}$ means subject $s_i$ has rights $r_x, \ldots, r_y$ over object $o_j$

Example
• Processes p, q
• Files f, g
• Rights r, w, x, a, o

Example 2
• Procedures inc_ctr, dec_ctr, manage
• Variable counter
• Rights +, –, call

State Transitions
• Change the protection state of the system
• $\vdash$ : denotes a state transition
– $X_i \vdash_{\tau} X_{i+1}$: command $\tau$ moves system from state $X_i$ to $X_{i+1}$
– $X_i \vdash^{*} X_{i+1}$: a sequence of commands moves system from state $X_i$ to $X_{i+1}$
• Commands often called transformation procedures

Primitive Operations
• create subject s; create object o
– Creates new row, column in ACM; creates new column in ACM
• destroy subject s; destroy object o
– Deletes row, column from ACM; deletes column from ACM
• enter r into A [s, o]
– Adds r rights for subject s over object o
• delete r from A [s, o]
– Removes r rights from subject s over object o

Creating a File
• Process p creates file f with r and w rights
    command create·file(p, f)
        create object f;
        enter own into A[p, f];
        enter r into A[p, f];
        enter w into A[p, f];
    end

Mono-Operational Commands
• Make process p the owner of file g
    command make·owner(p, g)
        enter own into A[p, g];
    end
• Mono-operational command
– Single primitive operation in this command

Conditional Commands
• Suppose p gives q the r right over f, if p owns f
    command grant·read·file·1(p, f, q)
        if own in A[p, f]
        then
            enter r into A[q, f];
    end
• Mono-conditional command
– Single condition in this command

Multiple Conditions
• Suppose p gives q the r and w rights over f, if
    command grant·read·file·2(p, f, q)
        if own in A[p, f] and c in A[p, q]
        then
            enter r into A[q, f];
            enter w into A[q, f];
    end

Key Points
• Access control matrix is the simplest abstraction mechanism for representing protection state
• Transitions alter protection state
• 6 primitive operations alter matrix
– Transitions can be expressed as commands composed of these operations and, possibly, conditions