
Chapter 15. Access Control Mechanisms


CASSIO: Why, no. The day had broke
Before we parted. I ha' made bold, Iago,
To send in to your wife. My suit to her
Is that she will to virtuous Desdemona
Procure me some accéss.

The Tragedy of Othello, III, i, 32–36.

Recall the access control matrix discussed in Chapter 2. As in the theoretical model, an implementation of the array and the commands to manipulate it provides a mechanism that the system can use to control access to objects. Unfortunately, there are several problems with a straightforward implementation. First, on a typical system, the number of subjects and objects will be sufficiently large that the matrix will consume a significant amount of storage. Second, most entries in the matrix will be either blank (indicating no access) or the same (because implementations often provide a default setting). Third, the creation and deletion of subjects and objects will require the matrix implementation to manage its storage carefully, adding to the complexity of the code.

Instead, several optimizations enable systems to use more convenient, and in some cases simpler, versions of the access control matrix. Access control lists and capabilities are variants based on the access control matrix that eliminate many of the problems mentioned above. Various organizations of these mechanisms lead to powerful controls such as the ring-based mechanism of Multics. A third mechanism, locks and keys, is based on cryptography and provides a powerful alternative. A fourth mechanism uses access control lists to implement an ORCON-like control.
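The sketch below is an added example, not code from the book. It goes one step beyond the paragraph by using the standard decomposition: an access control list is a column of the matrix kept with the object, and a capability list is a row kept with the subject. All subject, object, and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data. Only non-blank cells of the matrix are stored;
# a missing (subject, object) key is a blank cell, meaning no access.
SUBJECTS = ["alice", "bob", "backup", "carol"]
OBJECTS = ["payroll.db", "audit.log", "notes.txt"]
MATRIX = {
    ("alice", "payroll.db"): {"read", "write"},
    ("bob", "payroll.db"): {"read"},
    ("alice", "audit.log"): {"read"},
    ("backup", "payroll.db"): {"read"},
    ("backup", "audit.log"): {"read"},
}

def to_acls(matrix):
    """Column view: each object holds {subject: rights} for that object."""
    acls = defaultdict(dict)
    for (subj, obj), rights in matrix.items():
        acls[obj][subj] = frozenset(rights)
    return dict(acls)

def to_capabilities(matrix):
    """Row view: each subject holds {object: rights} it may exercise."""
    clists = defaultdict(dict)
    for (subj, obj), rights in matrix.items():
        clists[subj][obj] = frozenset(rights)
    return dict(clists)

def check_acl(acls, subj, obj, right, default=frozenset()):
    """Subjects absent from an object's list get the default rights."""
    return right in acls.get(obj, {}).get(subj, default)

def check_cap(clists, subj, obj, right):
    """A subject without a capability for the object has no access."""
    return right in clists.get(subj, {}).get(obj, frozenset())

def views_agree(matrix, subjects, objects, rights=("read", "write")):
    """True if both derived structures answer exactly like the matrix."""
    acls, clists = to_acls(matrix), to_capabilities(matrix)
    return all(
        (r in matrix.get((s, o), set()))
        == check_acl(acls, s, o, r) == check_cap(clists, s, o, r)
        for s in subjects for o in objects for r in rights
    )

def storage(matrix, subjects, objects):
    """(cells in a full array, cells actually populated)."""
    return len(subjects) * len(objects), len(matrix)
```

Here a full array would need 12 cells while only 5 are populated, and neither derived structure stores anything for `carol` or `notes.txt`, which is the storage saving the text describes.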

