Outline for March 11, 2002

Reading: §15.1-15.4

  1. Greetings and Felicitations
  2. Puzzle of the day
  3. Privilege in Languages
    1. Nesting program units
    2. Temporary upgrading of privileges
  4. Access Control Lists
    1. UNIX method
    2. ACLs: describe, revocation issue
  5. MULTICS ring mechanism
    1. MULTICS rings: used for both data and procedures; rights are REWA
    2. ( b 1 , b 2 ) access bracket - can access freely; ( b 3 , b 4 ) call bracket - can call segment through gate; so if a 's access bracket is (32,35) and its call bracket is (36,39), then assuming permission mode (REWA) allows access , a procedure in:
      rings 0-31: can access a , but ring-crossing fault occurs
      rings 32-35: can access a , no ring-crossing fault
      rings 36-39: can access a , provided a valid gate is used as an entry point
      rings 40-63: cannot access a
    3. If the procedure is accessing a data segment d , no call bracket allowed; given the above, assuming permission mode (REWA) allows access , a procedure in:
      rings 0-32: can access d
      rings 33-35: can access d , but cannot write to it (W or A)
      rings 36-63: cannot access d
  6. Capabilities
    1. Capability-based addressing: show picture of accessing object
    2. Show process limiting access by not inheriting all parent's capabilities
    3. Revocation: use of a global descriptor table
  7. Lock and Key
    1. Associate with each object a lock; associate with each process that has access to object a key (it's a cross between ACLs and C-Lists)
    2. Example: use crypto (Gifford). X object enciphered with key K . Associate an opener R with X . Then:
      OR-Access: K can be recovered with any D i in a list of n deciphering transformations, so
      R = ( E 1 ( K ), E 2 ( K ), ..., E n ( K )) and any process with access to any of the D i 's can access the file
      AND-Access: need all n deciphering functions to get K : R = E 1 ( E 2 (... E n ( K )...))
    3. Types and locks

ECS 153, Introduction to Computer Security
Winter Quarter 2002
Email: cs153@cs.ucdavis.edu