© 2005 Ravi Sandhuwww.list.gmu.edu
Permissions and Inheritance(best viewed in slide show mode)
Ravi SandhuLaboratory for Information Security Technology
George Mason [email protected]
2
© 2005 Ravi Sandhuwww.list.gmu.edu
Reference
• Jason Crampton. “On permissions, inheritance and role hierarchies.” Proceedings of the 10th ACM conference on Computer and communications security, Washington D.C 2003, pages: 85-92
• Several diagrams and text excerpts are taken directly from this paper.
3
© 2005 Ravi Sandhuwww.list.gmu.edu
Arrow notation
4
© 2005 Ravi Sandhuwww.list.gmu.edu
Administrative scope
5
© 2005 Ravi Sandhuwww.list.gmu.edu
Effective roles of permission p
up
down
neutral
6
© 2005 Ravi Sandhuwww.list.gmu.edu
Permission Hierarchy
7
© 2005 Ravi Sandhuwww.list.gmu.edu
Consistency and redundancy
8
© 2005 Ravi Sandhuwww.list.gmu.edu
Simulating BLP (liberal *-property)
9
© 2005 Ravi Sandhuwww.list.gmu.edu
Simulating BLP (liberal *-property)
Maximal or minimal permission is assigned to exactly one role
10
© 2005 Ravi Sandhuwww.list.gmu.edu
Constraints for simulating BLP
11
© 2005 Ravi Sandhuwww.list.gmu.edu
Constraints for simulating BLP
12
© 2005 Ravi Sandhuwww.list.gmu.edu
Constraints for simulating BLP
13
© 2005 Ravi Sandhuwww.list.gmu.edu
Constraints for simulating BLP
14
© 2005 Ravi Sandhuwww.list.gmu.edu
Constraints for simulating BLP
15
© 2005 Ravi Sandhuwww.list.gmu.edu
Security levels
16
© 2005 Ravi Sandhuwww.list.gmu.edu
Security levels
![Index []€¦ · .BKF files, 1223 blocking file types saved, 624–630 Group Policy inheritance, 303 inherited permissions, 272–273 software access, 923–926 blocking. Z07I620474.fm](https://static.cupdf.com/doc/110x72/5f1db80aa7f57646e86373d1/index-bkf-files-1223-blocking-file-types-saved-624a630-group-policy-inheritance.jpg)
