Subject, object, operation and permission

From Erights

(Difference between revisions)
Jump to: navigation, search
m (Object (security) moved to Subject, object, operation and permission: These primitive terms can only be defined at once.)
Line 1: Line 1:
 +
== Definition ==
 +
From a security point of view, we recognize:
From a security point of view, we recognize:
* subjects
* subjects

Revision as of 19:11, 14 June 2009

Definition

From a security point of view, we recognize:

  • subjects
  • objects

Subjects are active entities (e.g. UNIX processes) with some behavior. Subjects can designate objects and try to perform some supported operations with them.

What kind of operations can be performed with an object depends on its type.

In general, the set of existing objects and subjects changes over time.

Permissions is a relation (among subjects, objects and their operations) that defines which operations of what objects are permitted for particular subjects.

Personal tools
more tools