ACCESS CONTROL MATRIX MODEL 2

ACCESS CONTROL MATRIX MODEL 2

Abstract

Studies have been carried out for the past years on best models to protect the computer operating systems. However, these studies conclude that various models, such as a trusted computing base, information model, access control models, amongst others, are better protective models for our computer servers. Besides, the access control matrix model outstand other security models concerning our research. Thisis since it has both physical and logical controls.This model replicates the access control sense of any OS from that time of conception . an access control matrix has a single file with subjects and objects and permits any action to be done by an individual ( Barrera et al.,2010).

1. Introduction

Computer engineering has various security models such as the Graham-Denning model, Southerland model,Biba model, access control matrix model, amongst others. The access control modelsafeguards the computer system through a rectangular shape of cells with a single row to represent the subject and the column for the object. Cells are the entrance of every subjet-object combination modes. Every column is the same as the access control list for individual purposes, while every row represents an access profile for each subject, respectively.

                       2.Body

2.1 Historical Background

Access control matrix security model is invented in 1971 by a world-renowned scientist, Butler W. Lampson, to explain the defense state of a computer system vividly.This model replicates the access control sense of any OS from that time of conception. Over the years, this knowledge has been spread across the globe. It has been converted into various control models that take care of other complicated access controls like hierarchical and state-dependent access. It is tabulated to give an approach towards subjects and objects within a computer operating system. It is implemented in the binding access control…

2.2 Implementation

Decisions made by this security model are grounded on the stable relationship between the subjects that requests and the objects to which these requests are made. The compulsory access control ensures Continousdissemination of information . it also approves each access but fails to monitor areas where data flow has been logged on. It can be implemented through a network

-extensive capability where remote objects are executed to protectthem. This is done with the help of amoeba stores. Another method of realization is a duplicate access-list, which aids the Lotus Notes to reproduce objects that, in turn, propagate the access control too. Application-defined objects and access proxies use the principle of dependence where their downloaded space codes can define any loader. They avail proxy classes for the objects to be safeguarded and make sure that these objects notice the proxy classes and not the protected classes (Ilanchezhian et al.,2012).

2.3 Security policy

The security policy of access control points arranges for a way to execute security measures for an operating system. It explains what users and objects should not engage in. The security policy covers all aspects of the access control model that considers hardwareused, features of the server, the language that is in use, the physicalcharacteristics of the operation to be run, and the users themselves. An access matrix should only be seen as an abstract model. Capability based security and control lists are structures of this model that embraces the security strategy ( Sadhu et al., 2013).

2.4 Barriers and solutions

Users will describe access policies of the access control matrix model. Access model has a large table, which makes it extremely tricky for the user to go through. For instance, an access matrix has` m`  objects and `subjects’ subject. The cells are noticeably m*n. For any standardized computer, server can have 10,000 subjects and 1,000,000 objects. This results in 10 billion cells in that computer system that contains files as well as some directories. It is complicated to manage such kinds of cells and no user can see this table at once. To outdo this type of barrier, computer experts provide solutions to reduce complications through capabilities and control lists ( Barrera et al.,2010).

Conclusion

Conclusively, the access control matrix is preferred to other security models because this model replicates the access control sense of any OS from that time of conception. It also has smaller size as compared to other security models. It is, therefore, the best model to safeguard the computer operating system.

References

Barrera, D., Kayacik, H. G., Van Oorschot, P. C., &Somayaji, A. (2010, October). A methodology for empirical analysis of permission-based security models and its application to android. In Proceedings of the 17th ACM conference on Computer and communications security (pp. 73-84).

Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Role-Based, C. Y. (2013). Access Control Models.

Ilanchezhian, J., Varadharassu, V., Ranjeeth, A., &Arun, K. (2012, July). To improve the current security model and efficiency in cloud computing using the access control matrix. In 2012 Third International Conference on Computing, Communication and Networking Technologies (ICCCNT’12) (pp. 1-5). IEEE. IEEE Computer, 29(2), 38-47.