Printer-Friendly
Version
|
Next: Discretionary Access Control in
Up: 12-mungi
Previous: SASOS Issues
Subsections
- Discretionary access control
- user-oriented mechanism
- users determine which of their data should be accessible to others
- essential for privacy
- two basic models: access control lists and
capabilities
- Mandatory access control
- system-oriented mechanism
- system-wide security policy limits data flow
- essential for use of untrusted extensions
- range of models: Denning, Bell-LaPadula, Chinese Wall,
role-based....
Mungi has both
Gernot Heiser
2002-10-24
|