Access Control
Terms you should know
Paul Krzyzanowski
- Protection
- Access control
- Hardware timer
- Process scheduler
- Starvation
- Memory Management Unit (MMU)
- Kernel mode (privileged mode, supervisor mode)
- Trap (software interrupt)
- Violation
- Hardware interrupt
- Protection ring
- Call gate
- Subject
- Principal
- Object
- Authentication
- Protection domain
- Domains
- Access right
- Domain transfer
- Delegation of access (copy right)
- Object owner
- Domain control right
- Access control list (ACL)
- Access control entry (ACE)
- Capability list
- Access token
- UNIX permissions
- rwx meaning
- User permissions
- Group permissions
- Other permissions
- chmod command and system call
- inode
- Extended attributes
- umask - purpose
- umask - meaning of its value
- Race condition
- chown command and system call
- Super user (uid=0, root user)
- setuid bit
- Principle of least privilege
- Privilege separation
- Effective user ID (euid)
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Multilevel security (MLS)
- Bell-LaPadula model
- Simple security property
- Star property
- Discretionary security property
- Type enforcement (TE) model
- Domains, types in Type Enforcement
- Role-based access control (RBAC)
- Biba model
- Multilateral security, lattice model
- Security labels
- Chinese wall model
- Separation of duty
- Conflict classes
- Sanitization of data