337: access control

0.0(0)
Studied by 0 people
call kaiCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/23

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 11:24 PM on 5/30/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No analytics yet

Send a link to your students to track their progress

24 Terms

1
New cards

access control - introduction

mechanisms that regulate who/what can access which resources under what conditions

2
New cards

subject

user, group, process, service

3
New cards

object

file, database, API, VM

4
New cards

operation

read, write, execute, delete

5
New cards

access control question

can Subject S perform Operation O on Object R?

6
New cards

components: identification

claiming an identity

7
New cards

components: authentication

verifying identity

8
New cards

components: authorization

determining what an authenticated user is allowed to do

9
New cards

components: access

once authenticated and authorized, the subject can access the resource

10
New cards

components: accountability

used as part of access control to enforce least privilege

11
New cards

components: manage

adding/removing authentication and authorization of users or systems

12
New cards

RBAC —> role-based access control

controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles

13
New cards

ABAC —> attribute-based access control

controls access based on attributes of the suer, the resource to be accessed, and current environmental conditions

14
New cards

DAC —> discretionary access control

control access based on the identity of the requestor and access rules (authorizations) stating what requestors are/not allowed to do

aka: subjects can determine who has access to their objects

15
New cards

MAC —> mandatory access control

controls access based on comparing security labels with security clear

16
New cards

subject

an entity capable of accessing objects

three classes: owner, group, world

17
New cards

object

a resource to which access is controlled

entity used to contain and/or recieve info

18
New cards

acess right

describes the way in which a subject may access an object

could include: read, write, execute, delete, create, search

19
New cards

access control matrix (acm)

determines who can access an object, what objects can be accessed by a subject, what operations a subject can perform on an object

using a 2d matrix organized by subjects and objects indicating what actions individual subjects can take upon individual objects

20
New cards

access control list (acl)

each object has a list specifying which subjects can access it and what operations they can perform

21
New cards

capability lists

opposite of an acl, a list organized by which subjects can access which files

22
New cards

unix file access control

23
New cards
24
New cards