Outline for October 20, 2021

Reading: text, §16
Due: Homework 2, due October 22 (Note change of due date)

  1. Access Control Lists
    1. Full access control lists
    2. Abbreviations (UNIX method)
    3. Issues in the way lists work
    4. Revocation issue

  2. Capabilities
    1. Capability-based addressing
    2. Capabilities as security mechanisms
    3. Inheritance of C-Lists

  3. MULTICS ring mechanism
    1. Rings, gates, ring-crossing faults
    2. Used for both data and procedures; rights are REWA
      (b1, b2) access bracket—can access freely; (b3, b4) call bracket—can call segment through gate; so if a’s access bracket is (32, 35) and its call bracket is (36, 39), then assuming permission mode (REWA) allows access, a procedure in:
      rings 0–31: can access a, but ring-crossing fault occurs
      rings 32–35: can access a, no ring-crossing fault
      rings 36–39: can access a, provided a valid gate is used as an entry point
      rings 40–63: cannot access a
    3. If the procedure is accessing a data segment d, no call bracket allowed; given the above, assuming permission mode (REWA) allows access, a procedure in:
      rings 0–32: can access d
      rings 33–35: can access d, but cannot write to it (W or A)
      rings 36–63: cannot access d

UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of October 21, 2021 at 12:02PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh