WGU C191 MODULE 5 Questions with Correct Answers Latest Update Graded A
5 views 0 purchase
Course
WGU C191 MODULE 5
Institution
WGU C191 MODULE 5
goals of protection ensure that each object is accessed correctly and only by those
processes that are allowed to do so.
guiding principle of protection - Programs, users and systems should be given just enough
privileges to perform their tasks
- principle of least privilege
access rights ...
WGU C191 MODULE 5 Latest Update Graded A goals of protection ✔✔ ensure that each object is accessed correctly and only by those processes that are allowed to do so. guiding principle of protection ✔✔ - Programs, users and systems should be given just enough privileges to perform their tasks - principle of least privilege access rights ✔✔ where rights -set is a subset of all valid operations that can be performed on the object domain ✔✔ set of access -rights system has two domains ✔✔ user and supervisor UNIX domain system ✔✔ - domain: user -id domain switch accomplished via file system -When file is executed and setuid = on, then user -id is set to owner of the file being executed. When execution completes user -id is reset access matrix ✔✔ - view protection as matrix - rows: domains columns: objec ts use of access matrix ✔✔ - Can be expanded to dynamic protection. - Operations to add, delete access rights. - Special access rights - separate mechanism from policy mechanism ✔✔ - Operating system provides access -matrix + rules. - If ensures that the matrix is only manipulated by authorized agents and that rules are strictly enforced. policy ✔✔ - user dictates policy - who can access what object and in what mode implementation of access matrix ✔✔ - each column: access -control li st for one object defines who can perform what operation - each row: capability list for each domain, what operations allowed on what objects access control ✔✔ - protection can be applied to non -file resources - solaris 10 provides role -based access contr ol to implement least privilege Role -Based Access Control (RBAC) ✔✔ - privilege is right to execute system call or use an option within a system call - can be assigned to processes - users assigned roles granting access to privileges and programs revocat ion of access list rights ✔✔ - delete access rights from access list - simple or immediate revocation of capability list rights ✔✔ - scheme required to locate capability in the system before capability can be revoked - reacquisition, back -pointers, indire ction, keys hydra(capability based systems) ✔✔ - fixed set of access rights known to and interpreted by the system
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller GOLDTUTORS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.29. You're not tied to anything after your purchase.
