Questions and Answers
What does authentication specifically verify about a user or entity?
Which process follows authentication to determine what resources a user can access?
What is the primary goal of conducting an audit in the context of security?
Which statement accurately describes the relationship between authorization and authentication?
If an entity's credentials are deemed invalid, which process has failed?
What is the basis for discretionary access control (DAC)?
Which of the following best describes access control policies?
Under discretionary access control, who has the authority to grant permissions?
Which of the following statements about access rules is true?
In discretionary access control, what aspect is most critical for defining access permissions?
What is included in the access rights of a device apart from controlling its operation?
Which of the following is NOT a function associated with device access rights?
Which of the following best describes the control function related to device access rights?
Access rights for a device facilitate which type of interaction?
Which option represents an example of blocking/unblocking a device for use?
What does a row in the access matrix represent?
Which statement correctly describes protection domains?
How can the association between a process and a protection domain be characterized?
What is one way protection domains are implemented in operating systems such as UNIX?
In terms of user access rights, what can a user do regarding processes?
Which of the following best describes a set of objects together with access rights?
What role does the control unit play regarding subjects accessing objects?
Which aspect of protection domains offers more flexibility?
What is the primary function of administrative policies in access control?
Which of the following represents the purpose of dual control in security?
In access control, what does the term 'object' refer to?
What is denoted by 'access rights' in access control mechanisms?
Discretionary Access Control (DAC) allows an entity to:
In the context of the access matrix, what do the matrix entries indicate?
Which access control structure is characterized by being often sparse?
What aspect of security does enforcing administrative policies primarily involve?
What is the role of access control mechanisms in relation to administrative policies?
Which factors determine the protection level in access control?
Which statement about the classes of subjects in access control is true?
Why is it important to utilize an access matrix in Discretionary Access Control?
The ability to create or delete objects falls under which type of access right?
What is the main purpose of specifying who can modify authorization rules in access control?
Study Notes
Authentication
- Authentication verifies that a user or entity is valid.
Authorization
- Authorization defines what access is allowed.
Audit
- Audits record access events and determine who did what.
Access Control Policies
- Access control policies specify what access is allowed.
Discretionary Access Control (DAC)
- Allows an entity to grant access to another entity for a specific resource.
- This is often implemented using an access matrix which has a row for each subject and a column for each object.
- Each cell in the matrix indicates the access rights for the corresponding subject to the respective object.
Administrative Policies
- Administrative policies are needed to specify who can modify authorization rules.
Dual Control
- Dual control requires two or more individuals to work together to complete a task.
Access Control Basic Elements
- Subject: An entity capable of accessing objects (e.g., a user, a process).
- Object: An entity containing or receiving information (e.g., files, databases).
- Access Right: Specifies how a subject can access an object (e.g., read, write, execute, delete, create, search).
Access Control Structures
- An access matrix represents access rights.
- The access matrix can be implemented using decomposition, which involves dividing a single matrix into separate structures.
Protection Domains
- A defined set of objects and access rights associated with them.
- A row defines a protection domain in an access matrix.
- Users can spawn processes with specific access rights within their protection domain.
- The association between a process and a domain can be static or dynamic.
Security Kernel
- A security kernel enforces system security policies.
- It is located in the trusted computing base (TCB), acting as an intermediary between the user and the system.
Examples
- The distinction between user and kernel mode in operating systems like UNIX represents a form of protection domain.
- Devices can be controlled via access rights, including read/write access, operation control, and use blocking/unblocking.
- Subjects can have different access rights to devices, with some having privileged access.
Description
This quiz covers essential concepts of access control, including authentication, authorization, audit processes, and access control policies. Test your knowledge on discretionary access control, administrative policies, and the fundamental elements that define subjects and objects in access control systems.