symbol | what it represents |
---|---|
S | set of subjects |
O | set of objects |
P | set of rights |
r ∈ P | read right |
a ∈ P | write right (equivalent to append) |
w ∈ P | read and write right |
e ∈ P | empty right |
C | set of clearances (for subjects) or classifications (for objects) |
K | set of categories |
L = C × K | set of security levels |
fs(s) | maximum security level of subject s |
fc(s) | current security level of subject s |
fo(o) | security level of object o |
F = { fs(s), fc(s), fo(o)) } | set of functions to map entity into security level |
f = ( fs(s), fc(s), fo(o) ) | an element of the set F |
H | set of hierarchy functions h ∈ H, where h: O → P(O) |
M | set of possible access control matrices |
V = { (b, m, f, h) } | set of states of system |
b | access control matrix m that excludes rights not allowed by f |
R | set of requests for access |
D | set of outcomes |
y ∈ P | the access is allowed |
n ∈ P | the access is not allowed |
i ∈ P | the request is illegal |
e ∈ P | an error occurred in processing the request |
W ⊆ R × D × V × V | set of actions of the system |
X = RN | set of sequences of requests |
Y = DN | set of sequences of decisions |
Z = VN | set of sequences of states |
Σ(R, D, W, z0) ∈ X × Y × Y | system representation |
|
ECS 235B, Foundations of Computer and Information Security Version of January 24, 2024 at 7:01PM
|
You can also obtain a PDF version of this. |