Shulou(Shulou.com)06/01 Report--

One of the best ways to defend yourself is to put defense first. By setting who has access to that block of information in a strict way, we can defend against confidentiality, integrity and anonymity. All models fake data managers, data owners, or system administrators to define access control specifications. The purpose of this is to restrict users from accessing or modifying information related to them.

The access control matrix mentioned in the title is a control model. The following is an introduction to the access control model.

Access control matrix: it is a table that defines permissions, each row of the table is the subject, each column of the table is the object, and the cells of the table are populated with the combined access permissions associated with the subject and the object.

Object 1 object 2 object 3 object 4 subject 1 access rights subject 2 access rights

Access rights subject 3 access rights

Principal: users, groups, or systems that can perform operations

Object: file, directory, document, device, resource, or any entity that needs to define access rights.

Access permissions: read, write, execute, delete, comment and other operations spaces indicate unauthorized

For example:

/ etc/passwduser/binu/roberto/admin/root read, write, write, execute read, write, perform read, write, hold 1 read, execute

Read 2, read, execute

Advantages

The ability to quickly determine the access control rights of any subject and object provides administrators with a simple visual way to grasp all the relationship sets of access control. There are still many advantages of this access control model.

Disadvantages:

However, the shortcomings of this access control model are also obvious. when the matrix becomes very large, it is exposed. When the access control matrix has n rows and m columns, there are n cells. For example, a computer server can easily reach 1000 subjects, and the server has 100 million objects, which means that there are 1 million cells, and no one is willing to fill them with permissions slowly.

In order to overcome this shortcoming, we will continue to introduce the role-based access control with access control list rights.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.