Please use this identifier to cite or link to this item:
Title: Secure access control in unix
Keywords: Security Access Control Capabilities Unix Linux
Issue Date: 28-Feb-2005
Source: HEMAL NAMDEV RATHOD (2005-02-28). Secure access control in unix. ScholarBank@NUS Repository.
Abstract: Unix, in its various forms uses access control lists(ACLs) to achieve access control which is not sufficiently powerful to achieve security at the higher level. Unix also does not conform with the principle of least privilege. Various other mechanisms and models have been developed recently to achieve access control in Unix based systems. In this research, we identify the major problems with the current Unix model, outline the various research techniques which are employed to address them and present our solution. We use capabilities for achieving access control. We have altered the traditional capability structure to create environments to confine processes in a domain. These environments, called CBoxes can be used to provide confinement by allowing access to objects only using capabilities. Capabilities can also be used to achieve dynamic access control. Fine grained access permissions are defined for each type of object in the system so that capabilities for only those fine grained permissions can be issued and nothing more. Using capabilities provides us with a powerful permission model. We also address the issue of the all powerful a??roota?? in the Unix system and propose methods of delegation of power using capabilities. We show how capabilities can be used to implement higher level abstraction such as Role Based Access Control (RBAC).
Appears in Collections:Master's Theses (Open)

Show full item record
Files in This Item:
File Description SizeFormatAccess SettingsVersion 
thesis.pdf349.65 kBAdobe PDF



Page view(s)

checked on Jan 19, 2018


checked on Jan 19, 2018

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.