security. digital signatures digital signatures using md
DESCRIPTION
Digital Signatures Using MDTRANSCRIPT
Security
Digital Signatures
Digital Signatures Using MD
Authorization/Access Control• Verifying access rights is called access control• Granting access rights is called authorization• Used interchangeably• Subject – Entity that requests access• Object – Entity that is being accessed
General Issues in Access Control
General model of controlling access to objects.
Access Control Matrix• Subject is represented as a row and object as column• M[s, o] indicates the access rights of s on o• Inefficient if large numbers of subjects & objects• Access control lists
– Object maintains a list of all subjects allowed to access it and operations they can perform
• Capabilities– Each subject maintains a list of “rights” on various
objects– Need for making capabilities tamper proof
Access Control Matrix
Comparison between ACLs and capabilities for protecting objects.
a) Using an ACLb) Using
capabilities.
Protection Domains
The hierarchical organization of protection domains as groups of users.
Firewalls
A common implementation of a firewall.