!main_ta<script  src="/js/main/general/cookie-consent.js" ></script><script  src="/js/main/products/general/general.js" ></script><script  src="/js/main/general/header.js" ></script><script  src="/js/main/general/footer.js" ></script>gs!<link rel="stylesheet" href="/css/main/pages/academic-info.css"><title>Access Control - Operating Systems | What's Your IQ</title><meta name="description" content="Learn access control: access control models, permissions, authentication, authorization, security policies, discretionary access control, mandatory access control, role-based access control, access control lists, capabilities, security mechanisms."></head><body class="academic-info-page" data-subject="computer-science"> !main_header! <nav class="academic-breadcrumb"><a href="/en/">Home</a><span class="separator">/</span><a href="/en/academic/">Academic</a><span class="separator">/</span><a href="/en/academic/operating-systems/">Operating Systems</a><span class="separator">/</span><a href="/en/academic/operating-systems/explained/">Topics</a><span class="separator">/</span><a href="/en/academic/operating-systems/explained/security/">Security</a><span class="separator">/</span><span class="current">Access Control</span></nav><div class="academic-info-container"><header class="page-header">  <h1>Access Control</h1>  <p class="page-subtitle">Fundamental mechanisms and models for securing resources and managing permissions in operating systems.</p></header><nav class="table-of-contents">  <h2>Contents</h2>  <ol>  <li><a href="#introduction">Introduction</a></li>  <li><a href="#basic-concepts">Basic Concepts</a></li>  <li><a href="#access-control-models">Access Control Models</a></li>  <li><a href="#access-control-mechanisms">Access Control Mechanisms</a></li>  <li><a href="#authentication-vs-authorization">Authentication vs Authorization</a></li>  <li><a href="#discretionary-access-control">Discretionary Access Control (DAC)</a></li>  <li><a href="#mandatory-access-control">Mandatory Access Control (MAC)</a></li>  <li><a href="#role-based-access-control">Role-Based Access Control (RBAC)</a></li>  <li><a href="#access-control-lists-and-capabilities">Access Control Lists and Capabilities</a></li>  <li><a href="#policy-enforcement">Policy Enforcement and Administration</a></li>  <li><a href="#security-issues-and-challenges">Security Issues and Challenges</a></li>  <li><a href="#future-trends-in-access-control">Future Trends in Access Control</a></li>  <li><a href="#references">References</a></li>  </ol></nav><main class="article-content">  <section id="introduction">  <h2>Introduction</h2>  <p>Access control is a core component of operating system security. It defines methods to regulate user and process interactions with resources. Objectives: prevent unauthorized access, ensure confidentiality, integrity, availability. Scope: files, devices, memory, network connections. Methods: enforce policies via authentication, authorization, and auditing.</p>  <blockquote>   <p>"Access control is the gatekeeper of system security, ensuring only authorized entities interact with protected assets." -- Peter G. Neumann</p>  </blockquote>  </section>  <section id="basic-concepts">  <h2>Basic Concepts</h2>  <h3>Subjects and Objects</h3>  <p>Subject: active entity requesting access (user, process). Object: passive entity being accessed (file, device). Access is an operation performed by subject on object.</p>  <h3>Access Rights</h3>  <p>Types: read, write, execute, delete, append. Rights define permitted operations. Principle of least privilege applies.</p>  <h3>Access Control Policies</h3>  <p>Rules defining who can access what and how. Enforced by access control mechanisms. Policies vary by environment and requirements.</p>  <h3>Security Attributes</h3>  <p>Metadata attached to subjects and objects: classifications, roles, permissions. Used to make access decisions.</p>  </section>  <section id="access-control-models">  <h2>Access Control Models</h2>  <h3>Discretionary Access Control (DAC)</h3>  <p>Owner controls access. Permission granting is discretionary. Flexible but vulnerable to Trojan horses.</p>  <h3>Mandatory Access Control (MAC)</h3>  <p>System-enforced policy. Access based on classifications and clearances. Used in high-security environments.</p>  <h3>Role-Based Access Control (RBAC)</h3>  <p>Access based on user roles. Roles group permissions. Simplifies management in organizations.</p>  <h3>Attribute-Based Access Control (ABAC)</h3>  <p>Decisions based on attributes of subjects, objects, and environment. Fine-grained, context-aware.</p>  </section>  <section id="access-control-mechanisms">  <h2>Access Control Mechanisms</h2>  <h3>Authentication</h3>  <p>Process of verifying identity. Methods: passwords, biometrics, tokens, certificates.</p>  <h3>Authorization</h3>  <p>Granting permissions based on authenticated identity and policy rules.</p>  <h3>Access Control Enforcement</h3>  <p>Mechanisms: reference monitors, security kernels, trusted computing base.</p>  <h3>Audit and Monitoring</h3>  <p>Logging access attempts, successes, failures. Supports accountability and intrusion detection.</p>  </section>  <section id="authentication-vs-authorization">  <h2>Authentication vs Authorization</h2>  <h3>Authentication</h3>  <p>Verification of identity. Factors: something you know, have, are. Examples: password, smart card, fingerprint.</p>  <h3>Authorization</h3>  <p>Determination of access rights. Follows successful authentication. Dictated by access control policies.</p>  <h3>Relationship</h3>  <p>Authentication precedes authorization. Both required for secure access control.</p>  </section>  <section id="discretionary-access-control">  <h2>Discretionary Access Control (DAC)</h2>  <h3>Characteristics</h3>  <p>Owner-centric control. Permissions can be delegated. Common in commercial OSs like Windows, UNIX.</p>  <h3>Advantages</h3>  <p>Flexibility, ease of use, delegation capability.</p>  <h3>Disadvantages</h3>  <p>Vulnerable to privilege escalation, Trojan horses. Lack of centralized control.</p>  <h3>Implementation</h3>  <p>Access control lists (ACLs), capability lists.</p>  </section>  <section id="mandatory-access-control">  <h2>Mandatory Access Control (MAC)</h2>  <h3>Characteristics</h3>  <p>System-enforced policy. Subjects and objects labeled with security levels. Access decisions based on labels.</p>  <h3>Security Models</h3>  <p>Bell-LaPadula (confidentiality), Biba (integrity), Chinese Wall (conflict of interest).</p>  <h3>Advantages</h3>  <p>Strong security guarantees. Suitable for military, government systems.</p>  <h3>Disadvantages</h3>  <p>Inflexible. Complex to administer. Can hinder usability.</p>  </section>  <section id="role-based-access-control">  <h2>Role-Based Access Control (RBAC)</h2>  <h3>Concept</h3>  <p>Access rights assigned to roles. Users assigned to roles. Simplifies permission management.</p>  <h3>Components</h3>  <p>Users, roles, permissions, sessions. Role hierarchies and constraints possible.</p>  <h3>Advantages</h3>  <p>Scalable, manageable, enforces separation of duties.</p>  <h3>Use Cases</h3>  <p>Enterprise systems, healthcare, financial institutions.</p>  </section>  <section id="access-control-lists-and-capabilities">  <h2>Access Control Lists and Capabilities</h2>  <h3>Access Control Lists (ACLs)</h3>  <p>Object-centric. Lists users and their permissions per object.</p>  <h3>Capabilities</h3>  <p>Subject-centric. Tokens or keys granting access rights to specific objects.</p>  <h3>Comparison</h3>  <p>ACLs easier to audit. Capabilities better for distributed systems and delegation.</p>  <h3>Table: ACL vs Capability</h3>  <table style="width: 100%; border-collapse: collapse; margin: 1.5em 0;">   <tr style="background-color: #f5f5f5;">   <th style="border: 1px solid #ddd; padding: 8px;">Aspect</th>   <th style="border: 1px solid #ddd; padding: 8px;">Access Control List (ACL)</th>   <th style="border: 1px solid #ddd; padding: 8px;">Capability</th>   </tr>   <tr>   <td style="border: 1px solid #ddd; padding: 8px;">Focus</td>   <td style="border: 1px solid #ddd; padding: 8px;">Object-centric</td>   <td style="border: 1px solid #ddd; padding: 8px;">Subject-centric</td>   </tr>   <tr>   <td style="border: 1px solid #ddd; padding: 8px;">Management</td>   <td style="border: 1px solid #ddd; padding: 8px;">List of authorized subjects per object</td>   <td style="border: 1px solid #ddd; padding: 8px;">Tokens carried by subjects</td>   </tr>   <tr>   <td style="border: 1px solid #ddd; padding: 8px;">Delegation</td>   <td style="border: 1px solid #ddd; padding: 8px;">Complex, requires list updates</td>   <td style="border: 1px solid #ddd; padding: 8px;">Simple, token transfer</td>   </tr>   <tr>   <td style="border: 1px solid #ddd; padding: 8px;">Audit</td>   <td style="border: 1px solid #ddd; padding: 8px;">Straightforward</td>   <td style="border: 1px solid #ddd; padding: 8px;">Difficult</td>   </tr>  </table>  </section>  <section id="policy-enforcement">  <h2>Policy Enforcement and Administration</h2>  <h3>Reference Monitor</h3>  <p>Concept: mediates all access requests. Properties: tamper-proof, always invoked, small enough to verify.</p>  <h3>Security Kernel</h3>  <p>Implementation of reference monitor. Enforces mandatory policies. Isolated from user processes.</p>  <h3>Policy Administration</h3>  <p>Tools and interfaces for defining, updating policies. Includes user provisioning, role management.</p>  <h3>Access Control Policy Languages</h3>  <p>Examples: XACML, Ponder. Formal languages for specifying policies.</p>  </section>  <section id="security-issues-and-challenges">  <h2>Security Issues and Challenges</h2>  <h3>Insider Threats</h3>  <p>Authorized users abusing privileges. Detection and restriction difficult.</p>  <h3>Privilege Escalation</h3>  <p>Exploiting flaws to gain higher access. Requires mitigation strategies.</p>  <h3>Policy Conflicts</h3>  <p>Contradictory rules cause ambiguity. Needs formal verification.</p>  <h3>Usability vs Security</h3>  <p>Overly restrictive controls hinder productivity. Balance needed.</p>  <h3>Scalability</h3>  <p>Large systems require scalable access control solutions.</p>  </section>  <section id="future-trends-in-access-control">  <h2>Future Trends in Access Control</h2>  <h3>Context-Aware Access Control</h3>  <p>Incorporates environmental factors: location, time, device state.</p>  <h3>Machine Learning Integration</h3>  <p>Adaptive policies based on behavior analysis, anomaly detection.</p>  <h3>Blockchain-Based Access Control</h3>  <p>Decentralized, tamper-resistant access logs and policies.</p>  <h3>Zero Trust Architectures</h3>  <p>Continuous verification, minimal implicit trust, micro-segmentation.</p>  <h3>Policy Automation and Orchestration</h3>  <p>Automated policy generation, conflict resolution, and enforcement.</p>  </section>  <section id="references">  <h2>References</h2>  <ul>   <li>Sandhu, R., Coyne, E. J., Feinstein, H. L., Youman, C. E. "Role-Based Access Control Models." IEEE Computer, vol. 29, no. 2, 1996, pp. 38-47.</li>   <li>Bell, D. E., LaPadula, L. J. "Secure Computer Systems: Mathematical Foundations." MITRE Corp., 1973.</li>   <li>Ferraiolo, D. F., Kuhn, D. R. "Role-Based Access Controls." 15th NIST-NCSC National Computer Security Conference, 1992, pp. 554-563.</li>   <li>Osborn, S. L., Sandhu, R., Munawer, Q. "Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies." ACM Transactions on Information and System Security, vol. 3, no. 2, 2000, pp. 85-106.</li>   <li>Hu, V. C., Ferraiolo, D., Kuhn, D. R. "Assessment of Access Control Systems." NIST Interagency Report 7316, 2006.</li>  </ul>  </section>  <section id="formulas-algorithms">  <h2>Access Control Algorithms and Formalisms</h2>  <h3>Access Decision Function</h3>  <pre><code>access_decision(subject, object, operation) = if (policy(subject, object, operation) == allow) return permit; else return deny;</code></pre>  <h3>RBAC Role Hierarchy Example</h3>  <pre><code>// Role inheritanceRole_Admin > Role_Manager > Role_Employee// Permissions assigned to rolesPerm(Role_Admin) = {read, write, delete, assign}Perm(Role_Manager) = {read, write}Perm(Role_Employee) = {read}// User-role assignmentUser_Alice assigned Role_ManagerUser_Bob assigned Role_Employee// Effective permissions for AliceEffective_Perm(User_Alice) = Perm(Role_Manager) + inherited from Role_Employee = {read, write}</code></pre>  </section></main></div> !main_footer!