What are the steps involved in designing an access matrix wi

What are the steps involved in designing an access matrix with domains and objects to illustrate the principle of least privilege for a given program? The program may have several sequential logical phases where read and write operations are performed on files

Solution

Domain of Protection

Domain Structure

Figure 14.1 - System with three protection domains.

An Example: UNIX

An Example: MULTICS

Figure 14.2 - MULTICS ring structure.

Access Matrix

Figure 14.3 - Access matrix.

Figure 14.4 - Access matrix of Figure 14.3 with domains as objects.

Figure 14.5 - Access matrix with copy rights.

Figure 14.6 - Access matrix with owner rights.

Figure 14.7 - Modified access matrix of Figure 14.4

Implementation of Access Matrix

Global Table

Access Lists for Objects

Capability Lists for Domains

Lock-Key Mechanism

Comparison