ACCESS CONTROL MECHANISM

• The boundary subsystem establishes the interface

between the would-be user of a computer system
and the computer system itself.
• Once boundary subsystem functions are complete,
the user can commence to use the resources of the
system.
• Boundary subsystem controls have one primary
purpose: to establish the identity and authenticity
of would-be users of a system.
• This chapter examines some of the major types of
security exercised in the boundary subsystem.
 ACM
Access Controls
• An Access Control Mechanism is used in a
computer installation for preventing unauthorized
access to and use of resources.
 ACM
Functions of an Access Control Mechanism.
• An access control mechanism associates with
identified, authorized users the resources they are
permitted to access and the action privileges they
have with respect to those resources.

• The mechanism processes user's requests in three

steps, identification, authentication, and
authorization
 ACM
Identification and Authentication
• Four classes of authentication are remembered
information, possessed information, personal
characteristics and dialog.
• There is need to understand the weaknesses in
each of the class of authentication.
• Passwords, possessed objects, and personal
characteristics all have a further weakness that the
authentication information is reduced to a bit
stream which can be wiretapped.
 ACM
Object Resources
• In a generalized access control mechanism, all
resources must be named since the mechanism
must couple users with resources they are
permitted to use.
• It is important that the access control mechanism
have a means of identifying the authenticity of the
object resources it provides to a user .e.g assigning
object resources a unique identity that can not be
copied.
 ACM
Action Privileges
• If a user has the permission to use a commodity,
the amount of the commodity that the user can
consume must be specified.
• The most complex action privileges relate to the
use of data resources
file1 File2 file3
John Own Read Write
Alice Read Own Read Write Read
bob Read Write Read Own Read Write

• ADD, INSERT, APPEND,MODIFY

 ACM
Action privileges

• Data independent – all the contents of a file

are subject to the action privilege assigned to
the file
• Data dependent – can apply to data items
within a file e.g salary < 15000
 Implementing ACM
• One of the important restrictions on action
privileges is a temporal restriction e.g no access to
the terminal after working hours.
Implementing an Access Control Mechanism
• Full implementation of an ACM can be costly. In
practise, some trade offs must be made; overall
control must be decreased to reduce costs and
improve performance.
• The tradeoffs made in the ACM must be
reasonable, given the overall control requirements
of the installation
 Problems in ACM
Problems in Implementing ACM
(1)Open Vs Closed Environment
• While an open environment allows for an easier
implementation of an ACM, only in a closed
environment can effective control be exercised
over users.
(2)Approaches to Authorization
• They are two approaches to implementing the
authorization module in an access control
mechanism:
 Problems in ACM
• A ticket oriented approach?
• A list oriented approach?

(3)Dynamics of Authorization
• Some difficult implementation problems arise in
the area of authorization dynamics.
 Access control Approaches
• Discretionary Access Control (DAC)?
• Mandatory Access Control (MAC)?
• Role Based Access Control (RBAC) ?