Discretionary access controls includes about Discretionary Access Controls (DAC, Access Matrix Model), DAC in Relational Database (DAC, Privileges, The System R Access Control, Content–Based Access Control, Demo).
DISCRETIONARY ACCESS CONTROLS Teacher : Assoc.Prof.Dr Dang Tran Khanh Presenter: Vo Van My 12/11/15 www.cse.hcmut.edu.vn Outline Discretionary Access Controls DAC in Relational Database DAC Access Matrix Model DAC Privileges The System R Access Control Content–Based Access Control Demo Q&A 12/11/15 www.cse.hcmut.edu.vn Discretionary Access Controls DAC is based on the identity of the user requesting access and on a set of rules, call authorizatons, explicitly stating which user can perform which action on which resource 12/11/15 www.cse.hcmut.edu.vn Discretionary Access Controls DAC Document1 Bob 12/11/15 www.cse.hcmut.edu.vn Access Matrix Model Access Matrix Model: The first discretionary access control model proposed Triple (S,O,A) S: subject; O: objects; A: actions; A[s,o] : contains the list of actions that subject s can execute over object o O1 S1 … Si … Sn 12/11/15 … Oi … Om A[s1,o1] A[s1,oi] A[s1,om] A[si,o1] A[si,oi] A[si,om] A[sn,o1] A[sn,oi] A[sn,om] www.cse.hcmut.edu.vn Access Matrix Model Access Matrix Model: The first discretionary access control model proposed Triple (S,O,A) 12/11/15 S: subject; O: objects; A: actions; A[s,o] : contains the list of actions that subject s can execute over object o www.cse.hcmut.edu.vn Access Matrix Model Authorization state: Q=(S,O,A) For DBs, A[s,o] also includes conditions that must be satisfied in order for s to exercise the access modes Possible conditions: data-dependent (sal