protection
domain
, which specifies the resources that the process may access. Each
domain defines a set of objects and the types of operations that may be invoked
on each object. The ability to execute an operation on an object is an
access
right
. A domain is a collection of access rights, each of which is an ordered
pair <
object-name, rights-set
>
. For example, if domain D has the access
right <
file
F
,
{read,write}>, then a process executing in domain D can both
read and write file F. It cannot, however, perform any other operation on that
object.
Domains may share access rights. For example, in Figure 14.1, we have
three domains: D
1
, D
2
, and D
3
. The access right <O
4
, {print}> is shared by D
2
and D
3
, implying that a process executing in either of these two domains can
print object O
4
. Note that a process must be executing in domain D
1
to read
and write object O
1
, while only processes in domain D
3
may execute object O
1
.
The association between a process and a domain may be either
static
, if
the set of resources available to the process is fixed throughout the process’s
lifetime, or
dynamic
. As might be expected, establishing dynamic protection
domains is more complicated than establishing static protection domains.
If the association between processes and domains is fixed, and we want to
adhere to the need-to-know principle, then a mechanism must be available to
change the content of a domain. The reason stems from the fact that a process
may execute in two different phases and may, for example, need read access
in one phase and write access in another. If a domain is static, we must define
the domain to include both read and write access. However, this arrangement
provides more rights than are needed in each of the two phases, since we have
read access in the phase where we need only write access, and vice versa.
D
1
(
O
3
, {read, write} )
(
O
1
, {read, write} )
(
O
2
, {execute} )
(
O
1
, {execute} )
(
O
3
, {read} )
(
O
2
, {write} ) ( O
4
, {print} )
D
2
D
3
Chia sẻ với bạn bè của bạn: |