| Next: 2.8.6.1 Approaches to authorisation | Up: 2.8 Computer Security: Why | Previous: 2.8.5.1 SSL handshake protocol |
| Next: 2.8.6.1 Approaches to authorisation | Up: 2.8 Computer Security: Why | Previous: 2.8.5.1 SSL handshake protocol |
Who can do what...
Access control matrix: formalisation of all the permissions in the system
| objects | file1 | file2 | file3 | ... |
| users | ||||
| A | rw | r | ||
| B | rw | |||
| C | r | |||
| ... |
For example, one box represents C can read file3
Potentially huge number of users and objects, so impractical to store all of these.