4.6. Summary of Security for Users
This chapter has addressed four topics: memory protection, file protection, general object access control, and user authentication. Memory protection in a multiuser setting has evolved with advances in hardware and system design. Fences, base/bounds registers, tagged architecture, paging, and segmentation are all mechanisms designed both for addressing and for protection.
File protection schemes on general-purpose operating systems are often based on a three- or four-level format (for example, user–group–all). This format is reasonably straightforward to implement, but it restricts the granularity of access control to few levels.
Access control in general is addressed by an access control matrix or by lists ...
Get Security in Computing, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
