Access Control

2 min read Last updated Tue Jun 02 2026 18:48:59 GMT+0000 (Coordinated Universal Time)

Mechanism that regulates who can access what, and in what way. Protects system resources. Enforces confidentiality, integrity and availability (the CIA triad).

Should be robust, easy to use and efficient.

Access Control Paradigm

Defines the fundamental entities and interactions in access control.

  • Subjects (who)
    users, processes, devices
  • Objects (what)
    files, programs, memory, hardware, etc.
  • Access modes (how)
    read, write, execute, delete, create, etc.

Access Policies

Define the rules that determine whether access is allowed or denied.

Reference Monitor

A trusted component that mediates all access between subjects and objects.

Must be:

  • Non-bypassable
    Always invoked for object access.
  • Tamper-proof
    Impossible to disable or weaken.
  • Verifiable
    Small enough to be tested completely.

Implementations

Access Control Matrix

Permissions stored as a matrix, subjects as rows and objects as columns. Each cell lists the permissions granted.

Conceptually simple. Large and sparse in real life. Inefficient in terms of space. Does not scale. Rarely used in practice.

Access Control Directory

Per-user directories listing the objects each user can access. Users control permissions on objects they own, but cannot modify their own directory entry.

Easy to enumerate all objects accessible by a user. Revocation is hard. Does not scale. Rights propagation is hard to track.

Access Control List

Aka. ACL. Permissions stored per object — each object holds a list of (user, rights) pairs. Equivalent to a column in the Access Control Matrix.

Easy to determine who can access a given object. Revocation per object is straightforward. Hard to enumerate all permissions a user holds. User deletion requires scanning and updating every object’s ACL.

Common in file systems (UNIX, Windows).

Capability

An unforgeable token granting access rights to a specific object. May be encrypted. Can be passed to others to delegate access.

Delegation is simple. Access check is fast. Hard to revoke once distributed. Difficult to audit all current holders.
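The matrix, ACL and capability views from the three sections above, as an added example that is not part of the original notes: the same permissions are derived as per-object columns and per-subject rows, and the lookups the notes call cheap or hard in each view are written out. Subjects, objects and rights are constructed sample data.

```python
from collections import defaultdict

# Sparse matrix: only non-empty cells are stored (constructed sample data).
MATRIX = {
    "alice":  {"payroll.db": {"read", "write"}, "report.pdf": {"read"}},
    "bob":    {"report.pdf": {"read", "write"}},
    "backup": {"payroll.db": {"read"}, "report.pdf": {"read"}},
}

def build_acls(matrix):
    """Column view: each object carries its own (subject, rights) list."""
    acls = defaultdict(dict)
    for subject, objects in matrix.items():
        for obj, rights in objects.items():
            acls[obj][subject] = set(rights)
    return dict(acls)

def build_capabilities(matrix):
    """Row view: each subject holds its own (object, rights) tokens."""
    return {s: {o: set(r) for o, r in objs.items()} for s, objs in matrix.items()}

def check(matrix, subject, obj, mode):
    """Reference-monitor decision: default deny when no cell exists."""
    return mode in matrix.get(subject, {}).get(obj, set())

def who_can_access(acls, obj):
    """Cheap with ACLs: read one object's list."""
    return sorted(acls.get(obj, {}))

def delete_user(acls, subject):
    """Costly with ACLs: every object's list is scanned and updated.
    Returns the objects whose ACL was rewritten."""
    touched = [obj for obj, entries in acls.items() if subject in entries]
    for obj in touched:
        del acls[obj][subject]
    return touched

def holders_of(caps, obj):
    """Costly with capabilities: auditing one object's holders means
    scanning every subject's list, including tokens gained by delegation."""
    return sorted(s for s, objs in caps.items() if obj in objs)

def delegate(caps, giver, receiver, obj):
    """Cheap with capabilities: the holder passes a copy of the token on,
    with no central list to update (which is why revocation is hard)."""
    caps.setdefault(receiver, {})[obj] = set(caps[giver][obj])
```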

Procedure-Oriented Access Control

Access is mediated through procedures that enforce rules before granting access.

Can encode complex, context-sensitive rules.

May introduce performance overhead. Harder to reason about and audit than declarative policies.

Role-Based Access Control

Aka. RBAC. Permissions are assigned to roles rather than individual users. Roles can be hierarchical.

Reduced admin overhead. Roles reflect organisational structure naturally.

Role explosion in large systems. Not fine-grained; a role may grant too few or too many permissions.