Practical Take-Grant Systems: Do They Exist?




The Take-Grant Protection Model is a theoretical model of computer safety. This thesis considers whether this model can be applied to non-theoretical computer systems. First, a model of hierarchical systems is presented; then, some new results are presented, and three extensions are proposed. These new results and extensions are used to model reference monitors and examine an existing computer system for security weaknesses; methods of fixing these weaknesses are also derived. The thesis concludes that, with the proper extensions, the Take-Grant Protection Model can indeed be used to examine existing systems for security flaws.


My Ph.D. thesis.