Guide to writing DCE applications (2nd ed.)
Guide to writing DCE applications (2nd ed.)
Role-Based Access Control Models
Computer
Protection in operating systems
Communications of the ACM
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Lattice-Based Access Control Models
Computer
A performance evaluation of the Intel iAPX 432
ACM SIGARCH Computer Architecture News
Protection in Grasshopper: A Persistent Operating System
Proceedings of the Sixth International Workshop on Persistent Object Systems
ACM SIGOPS Operating Systems Review
A hardware implementation of capability-based addressing
ACM SIGOPS Operating Systems Review
| Hi-index | 0.00 |
Access control in real systems is implemented using one or more abstractions based on the access control matrix (ACM). The most common abstractions are access control lists (ACLs) and capabilities. In this paper, we consider an extended Harrison-Ruzzo-Ullman (HRU) model to make some formal observations about capability systems versus access control list based systems. This analysis makes the characteristics of these types of access control mechanisms more explicit and is intended to provide a better understanding of their use. A combined model providing the flexibility of capabilities with the simplicity of the ACL and its relation to other models proposed earlier (e.g.[10,6]) are discussed.