Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

访问控制 #196

Open
wsxk opened this issue Jul 6, 2024 · 0 comments
Open

访问控制 #196

wsxk opened this issue Jul 6, 2024 · 0 comments
Labels
/access_control/ Gitalk

Comments

@wsxk
Copy link
Owner

wsxk commented Jul 6, 2024

https://wsxk.github.io/access_control/

前言

  1. authorization VS authentication

  2. Modeling Access Control

    2.1 Access Control Matrix

前言
访问控制其实和linux中遇到的文件系统权限,apparmor是息息相关的
自我宣传一下.jpg 😄
linux 文件/目录 权限管理
AppArmor 访问控制
当然不看也可以~

  1. authorization VS authentication
    authorization(授权)表达的是你能够做什么
    authentication(认证)表达的是你是谁

  2. Modeling Access Control
    首先需要对访问控制进行建模
    Subjects S
    Things in the system that can act
    即执行者

Objects O
Assets or objects in the system (acted upon)
资产/物体,可以被执行

Rights R
What can the subject do to the object?
即S可以对O做的事情,即权限

在一个简单的Unix Model中,系统中各个物体映射到访问控制模型的结果如下:
Subjects are processes(进程)
p, q

Files are objects(文件)
f, g

Rights (read, write, execute, append, own)
r, w, x, a, o

2.1 Access Control Matrix
访问控制矩阵,subjects作为行,subjects+objects作为列,Rights表示subject可以对subject/object做的动作
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
/access_control/ Gitalk
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@wsxk