SlideShare ist ein Scribd-Unternehmen logo

Protection Domain and Access Matrix Model -Operating System

Als PPTX, PDF herunterladen
L
LalfakawmaKh

Presentation on Protection Domain,Access Matrix Model and Design Principle for Secure System

Bildung
1 von 14
PROTECTION AND SECURITY IN OPERATING SYSTEM LALFAKAWMA M.Tech (C.S.E)
PROTECTION SECURITY  Authorization  Authentication/Encryption  It’s a Mechanisms to build secure System  It deals with the Policy issues that use protection mechanism to build secure System OPERATING SYSTEM  Control User Access to system resources.  Decide which user can have access to what resources.
PROTECTION • Protection deals with the access to the system resources. • It determines that what files can be accessed or permeated by a special user. • The protection of the system should confirm the approval of the process and users. • Due to this, these licensed users and processes will care for the central processing unit, memory and alternative sources. • It refers to a mechanism which controls the access of programs, processes, or users to the resources defined by a computer system.
NEED OF PROTECTION • To prevent the access of unauthorized users • To ensure that each active programs or processes in the system uses resources only as the stated policy, • To improve reliability by detecting latent errors.
PROTECTION DOMAIN Limiting the process’s access to only needed resources Protection domain specify: Access to the resources Operation that process can perform on the resources Every process executes in its protection domain only Switching domain:- control jump from a process to another process
PROTECTION DOMAIN • Computer is a collection of processes and objects OBJECT HARDWAR E OBJECTS SOFTWAR E OBJECTS File, ProgramCPU, Printer • Each object has a unique name that differentiates it from all other objects in the system, and each can be accessed only through well-defined and meaningful operations • Each domain defines a set of objects and the types of operations that may be invoked on each object • Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process. • Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user.
PROTECTION DOMAIN • Process operate within a protection domains, which specify the resources that the process may access. • Each domain defines a set of objects and the types of operations that may invoked on each object. • The ability to execute an operation on an object is an Access Right. • Domain is a collection of Access Right. • Access Right <object- name, rights-set>. subset of all valid operations that can be perform on an object. • Access Right. <O4, { print } >, is shared by both D2 and D3, implying that a process executing either of these two domains can print object O4 • A process must executing in domain D1 to read and write object O1, on other hand, only processes in domain D3 may execute object O1.
DESIGN PRINCIPAL FOR SECURE SYSTEMS ECONOMY: COMPLETE MEDIATION: OPEN DESIGN: SEPARATION OF PRIVILEGES: • Protection mechanism should be economical to develop and use. • Minimum substantial cost or overhead to the system. • Design as simple and small as possible. • Every request to access an object be checked for the authority. • A protection mechanism should work even if its underlying principles are known to an attacker. • Protection mechanism that requires two keys to unlock and lock is more robust and flexible. • Presence of two keys may mean satisfying two independent condition before an access is allowed.
DESIGN PRINCIPAL FOR SECURE SYSTEMS LEAST PRIVILEGE: • Minimum access rights that are sufficient for it to complete its task. • If the requirement of the subject changes, the subject should acquire it by switching the domain. LEAST COMMON MECHANISM: • Minimizing the common portion of a mechanism, which are access by more than one user. ACCEPTABILITY: • Protection mechanism must be simple to use. • Complex and obscure protection mechanism will deter users from using it. FAIL-SAFE DEFAULTS: • If design or implementation mistake is responsible for denial of an access, it will eventually be discovered and be fixed.
THE ACCESS MATRIX MODEL • Model of protection can be viewed abstractly as a matrix, called an Access Matrix. • Access Matrix is a security model of protection state in computer system. • Access matrix is used to define the rights of each process executing in the domain with respect to each object. • The rows of matrix represent domains and columns represent objects. • Each cell of matrix represents set of access rights which are given to the processes of domain • Means each entry(i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
THE ACCESS MATRIX MODEL • There are four domains and four objects- three files(F1, F2, F3) and one printer. • A process executing in D1 can read files F1 and F3. A process executing in domain D4 has same rights as D1 but it can also write on files. • Printer can be accessed by only one process executing in domain D2. • The mechanism of access matrix consists of many policies and semantic properties. • Specifically, We must ensure that a process executing in domain Di can access only those objects that are specified in row i.
THE ACCESS MATRIX MODEL • Association between the domain and processes can be either static or dynamic. • Access matrix provides an mechanism for defining the control for this association between domain and processes. • When we switch a process from one domain to another, we execute a switch operation on an object(the domain). • We can control domain switching by including domains among the objects of the access matrix. • Processes should be able to switch from one domain (Di) to another domain (Dj) if and only is a switch right is given to access(i, j). • According to the matrix: a process executing in domain D2 can switch to domain D3 and D4. • A process executing in domain D4 can switch to domain D1 and process executing in domain D1 can switch to domain D2.
THE PROTECTION STATE OF SYSTEM • It represented by Triplet( S,O,P ) O P [s , o] S Subjects Objects Schematic Diagram of Access Matrix
Protection Domain and Access Matrix Model -Operating System

Empfohlen

DBMS - RAID
DBMS - RAIDDBMS - RAID
DBMS - RAID
MythiliMurugan3
 
Dbms architecture
Dbms architectureDbms architecture
Dbms architecture
Shubham Dwivedi
 
File Management in Operating System
File Management in Operating SystemFile Management in Operating System
File Management in Operating System
Janki Shah
 
Deadlock Prevention
Deadlock PreventionDeadlock Prevention
Deadlock Prevention
prachi mewara
 
File access methods.54
File access methods.54File access methods.54
File access methods.54
myrajendra
 
Database architecture
Database architectureDatabase architecture
Database architecture
VENNILAV6
 
Concurrency Control in Database Management System
Concurrency Control in Database Management SystemConcurrency Control in Database Management System
Concurrency Control in Database Management System
Janki Shah
 
two tier and three tier
two tier and three tiertwo tier and three tier
two tier and three tier
Kashafnaz2
 

Empfohlen

DBMS - RAID
DBMS - RAIDDBMS - RAID
DBMS - RAID
MythiliMurugan3
 
Dbms architecture
Dbms architectureDbms architecture
Dbms architecture
Shubham Dwivedi
 
File Management in Operating System
File Management in Operating SystemFile Management in Operating System
File Management in Operating System
Janki Shah
 
Deadlock Prevention
Deadlock PreventionDeadlock Prevention
Deadlock Prevention
prachi mewara
 
File access methods.54
File access methods.54File access methods.54
File access methods.54
myrajendra
 
Database architecture
Database architectureDatabase architecture
Database architecture
VENNILAV6
 
Concurrency Control in Database Management System
Concurrency Control in Database Management SystemConcurrency Control in Database Management System
Concurrency Control in Database Management System
Janki Shah
 
two tier and three tier
two tier and three tiertwo tier and three tier
two tier and three tier
Kashafnaz2
 
Osi model
Osi modelOsi model
Osi model
Priyanka Sharma
 
File organization 1
File organization 1File organization 1
File organization 1
Rupali Rana
 
Unit1 DBMS Introduction
Unit1 DBMS IntroductionUnit1 DBMS Introduction
Unit1 DBMS Introduction
MUHAMMED MASHAHIL PUKKUNNUMMAL
 
IM02: Database Language
IM02: Database LanguageIM02: Database Language
IM02: Database Language
Kelvin Chan
 
Database security
Database securityDatabase security
Database security
Software Engineering
 
File system structure
File system structureFile system structure
File system structure
sangrampatil81
 
Transaction management in DBMS
Transaction management in DBMSTransaction management in DBMS
Transaction management in DBMS
Megha Sharma
 
File System in Operating System
File System in Operating SystemFile System in Operating System
File System in Operating System
Meghaj Mallick
 
File structures
File structuresFile structures
File structures
Shyam Kumar
 
Database security issues
Database security issuesDatabase security issues
Database security issues
n|u - The Open Security Community
 
Protection and security
Protection and securityProtection and security
Protection and security
mbadhi
 
OODM-object oriented data model
OODM-object oriented data modelOODM-object oriented data model
OODM-object oriented data model
AnilPokhrel7
 
Communication in client server system.pptx
Communication in client server system.pptxCommunication in client server system.pptx
Communication in client server system.pptx
MSivani
 
File concept and access method
File concept and access methodFile concept and access method
File concept and access method
rajshreemuthiah
 
Er model ppt
Er model pptEr model ppt
Er model ppt
Pihu Goel
 
Schema
SchemaSchema
Schema
Pragya Srivastava
 
computer network OSI layer
computer network OSI layercomputer network OSI layer
computer network OSI layer
Sangeetha Rangarajan
 
Dbms Notes Lecture 9 : Specialization, Generalization and Aggregation
Dbms Notes Lecture 9 : Specialization, Generalization and AggregationDbms Notes Lecture 9 : Specialization, Generalization and Aggregation
Dbms Notes Lecture 9 : Specialization, Generalization and Aggregation
BIT Durg
 
directory structure and file system mounting
directory structure and file system mountingdirectory structure and file system mounting
directory structure and file system mounting
rajshreemuthiah
 
Object Oriented Design
Object Oriented DesignObject Oriented Design
Object Oriented Design
Sudarsun Santhiappan
 
Protection
ProtectionProtection
Protection
Mohanlal Sukhadia University (MLSU)
 
Protection and security of operating system
Protection and security of operating systemProtection and security of operating system
Protection and security of operating system
Abdullah Khosa
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Osi model
Osi modelOsi model
Osi model
 
File organization 1
File organization 1File organization 1
File organization 1
 
Unit1 DBMS Introduction
Unit1 DBMS IntroductionUnit1 DBMS Introduction
Unit1 DBMS Introduction
 
IM02: Database Language
IM02: Database LanguageIM02: Database Language
IM02: Database Language
 
Database security
Database securityDatabase security
Database security
 
File system structure
File system structureFile system structure
File system structure
 
Transaction management in DBMS
Transaction management in DBMSTransaction management in DBMS
Transaction management in DBMS
 
File System in Operating System
File System in Operating SystemFile System in Operating System
File System in Operating System
 
File structures
File structuresFile structures
File structures
 
Database security issues
Database security issuesDatabase security issues
Database security issues
 
Protection and security
Protection and securityProtection and security
Protection and security
 
OODM-object oriented data model
OODM-object oriented data modelOODM-object oriented data model
OODM-object oriented data model
 
Communication in client server system.pptx
Communication in client server system.pptxCommunication in client server system.pptx
Communication in client server system.pptx
 
File concept and access method
File concept and access methodFile concept and access method
File concept and access method
 
Er model ppt
Er model pptEr model ppt
Er model ppt
 
Schema
SchemaSchema
Schema
 
computer network OSI layer
computer network OSI layercomputer network OSI layer
computer network OSI layer
 
Dbms Notes Lecture 9 : Specialization, Generalization and Aggregation
Dbms Notes Lecture 9 : Specialization, Generalization and AggregationDbms Notes Lecture 9 : Specialization, Generalization and Aggregation
Dbms Notes Lecture 9 : Specialization, Generalization and Aggregation
 
directory structure and file system mounting
directory structure and file system mountingdirectory structure and file system mounting
directory structure and file system mounting
 
Object Oriented Design
Object Oriented DesignObject Oriented Design
Object Oriented Design
 

Ähnlich wie Protection Domain and Access Matrix Model -Operating System

Database managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxeDatabase managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxe
chnrketan
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
7wounders
 

Ähnlich wie Protection Domain and Access Matrix Model -Operating System (20)

Protection
ProtectionProtection
Protection
 
Protection and security of operating system
Protection and security of operating systemProtection and security of operating system
Protection and security of operating system
 
Os8
Os8Os8
Os8
 
Os8
Os8Os8
Os8
 
Least privilege, access control, operating system security
Least privilege, access control, operating system securityLeast privilege, access control, operating system security
Least privilege, access control, operating system security
 
File Protection in Operating System
File Protection in Operating SystemFile Protection in Operating System
File Protection in Operating System
 
Ch13 protection
Ch13 protectionCh13 protection
Ch13 protection
 
Database managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxeDatabase managementsystemes_Unit-7.pptxe
Database managementsystemes_Unit-7.pptxe
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
Lannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber AttacksLannguyen-Detecting Cyber Attacks
Lannguyen-Detecting Cyber Attacks
 
CISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security OperationsCISSP Chapter 7 - Security Operations
CISSP Chapter 7 - Security Operations
 
Fundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptxFundamental_Security_Design_Principles.pptx
Fundamental_Security_Design_Principles.pptx
 
access-control-basics-murat-kantarcioglu.pdf
access-control-basics-murat-kantarcioglu.pdfaccess-control-basics-murat-kantarcioglu.pdf
access-control-basics-murat-kantarcioglu.pdf
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
CISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architectureCISSP - Chapter 3 - System security architecture
CISSP - Chapter 3 - System security architecture
 
4_5949547032388570388.ppt
4_5949547032388570388.ppt4_5949547032388570388.ppt
4_5949547032388570388.ppt
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptx
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
 
Enumeration and system hacking
Enumeration and system hackingEnumeration and system hacking
Enumeration and system hacking
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 

Kürzlich hochgeladen

The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 

Kürzlich hochgeladen (20)

COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Towards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptxTowards a code of practice for AI in AT.pptx
Towards a code of practice for AI in AT.pptx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptxHMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
HMCS Vancouver Pre-Deployment Brief - May 2024 (Web Version).pptx
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)Jamworks pilot and AI at Jisc (20/03/2024)
Jamworks pilot and AI at Jisc (20/03/2024)
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 

Protection Domain and Access Matrix Model -Operating System

  • 1. PROTECTION AND SECURITY IN OPERATING SYSTEM LALFAKAWMA M.Tech (C.S.E)
  • 2. PROTECTION SECURITY  Authorization  Authentication/Encryption  It’s a Mechanisms to build secure System  It deals with the Policy issues that use protection mechanism to build secure System OPERATING SYSTEM  Control User Access to system resources.  Decide which user can have access to what resources.
  • 3. PROTECTION • Protection deals with the access to the system resources. • It determines that what files can be accessed or permeated by a special user. • The protection of the system should confirm the approval of the process and users. • Due to this, these licensed users and processes will care for the central processing unit, memory and alternative sources. • It refers to a mechanism which controls the access of programs, processes, or users to the resources defined by a computer system.
  • 4. NEED OF PROTECTION • To prevent the access of unauthorized users • To ensure that each active programs or processes in the system uses resources only as the stated policy, • To improve reliability by detecting latent errors.
  • 5. PROTECTION DOMAIN Limiting the process’s access to only needed resources Protection domain specify: Access to the resources Operation that process can perform on the resources Every process executes in its protection domain only Switching domain:- control jump from a process to another process
  • 6. PROTECTION DOMAIN • Computer is a collection of processes and objects OBJECT HARDWAR E OBJECTS SOFTWAR E OBJECTS File, ProgramCPU, Printer • Each object has a unique name that differentiates it from all other objects in the system, and each can be accessed only through well-defined and meaningful operations • Each domain defines a set of objects and the types of operations that may be invoked on each object • Each process may be a domain. In this case, the set of objects that can be accessed depends on the identity of the process. • Each user may be a domain. In this case, the set of objects that can be accessed depends on the identity of the user.
  • 7. PROTECTION DOMAIN • Process operate within a protection domains, which specify the resources that the process may access. • Each domain defines a set of objects and the types of operations that may invoked on each object. • The ability to execute an operation on an object is an Access Right. • Domain is a collection of Access Right. • Access Right <object- name, rights-set>. subset of all valid operations that can be perform on an object. • Access Right. <O4, { print } >, is shared by both D2 and D3, implying that a process executing either of these two domains can print object O4 • A process must executing in domain D1 to read and write object O1, on other hand, only processes in domain D3 may execute object O1.
  • 8. DESIGN PRINCIPAL FOR SECURE SYSTEMS ECONOMY: COMPLETE MEDIATION: OPEN DESIGN: SEPARATION OF PRIVILEGES: • Protection mechanism should be economical to develop and use. • Minimum substantial cost or overhead to the system. • Design as simple and small as possible. • Every request to access an object be checked for the authority. • A protection mechanism should work even if its underlying principles are known to an attacker. • Protection mechanism that requires two keys to unlock and lock is more robust and flexible. • Presence of two keys may mean satisfying two independent condition before an access is allowed.
  • 9. DESIGN PRINCIPAL FOR SECURE SYSTEMS LEAST PRIVILEGE: • Minimum access rights that are sufficient for it to complete its task. • If the requirement of the subject changes, the subject should acquire it by switching the domain. LEAST COMMON MECHANISM: • Minimizing the common portion of a mechanism, which are access by more than one user. ACCEPTABILITY: • Protection mechanism must be simple to use. • Complex and obscure protection mechanism will deter users from using it. FAIL-SAFE DEFAULTS: • If design or implementation mistake is responsible for denial of an access, it will eventually be discovered and be fixed.
  • 10. THE ACCESS MATRIX MODEL • Model of protection can be viewed abstractly as a matrix, called an Access Matrix. • Access Matrix is a security model of protection state in computer system. • Access matrix is used to define the rights of each process executing in the domain with respect to each object. • The rows of matrix represent domains and columns represent objects. • Each cell of matrix represents set of access rights which are given to the processes of domain • Means each entry(i, j) defines the set of operations that a process executing in domain Di can invoke on object Oj.
  • 11. THE ACCESS MATRIX MODEL • There are four domains and four objects- three files(F1, F2, F3) and one printer. • A process executing in D1 can read files F1 and F3. A process executing in domain D4 has same rights as D1 but it can also write on files. • Printer can be accessed by only one process executing in domain D2. • The mechanism of access matrix consists of many policies and semantic properties. • Specifically, We must ensure that a process executing in domain Di can access only those objects that are specified in row i.
  • 12. THE ACCESS MATRIX MODEL • Association between the domain and processes can be either static or dynamic. • Access matrix provides an mechanism for defining the control for this association between domain and processes. • When we switch a process from one domain to another, we execute a switch operation on an object(the domain). • We can control domain switching by including domains among the objects of the access matrix. • Processes should be able to switch from one domain (Di) to another domain (Dj) if and only is a switch right is given to access(i, j). • According to the matrix: a process executing in domain D2 can switch to domain D3 and D4. • A process executing in domain D4 can switch to domain D1 and process executing in domain D1 can switch to domain D2.
  • 13. THE PROTECTION STATE OF SYSTEM • It represented by Triplet( S,O,P ) O P [s , o] S Subjects Objects Schematic Diagram of Access Matrix