Why we should take a second look at access control in Unix

J. Crampton

Why we should take a second look at access control in Unix

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Unix is an operating system that began development almost 40 years ago. It has a very simple mechanism for controlling access to protected resources based on the owner-group-world model. This simple model has not attracted much interest from the access control community. In this paper we argue that the Unix access control mechanism has some interesting features of relevance to modern authorization services. We present a formal model for the Unix access control mechanism and compare its characteristics with those of role-based access control and XACML, two popular foundations for authorization services. We then discuss what lessons may be learned from the Unix model and how those lessons might be applied in the future.

Original language	English
Title of host publication	Proceedings of 13th Nordic Workshop on Secure IT Systems
Publication status	Published - 2008

Cite this

@inproceedings{0071d76ab5fe459a9008973eb770ee3e,

title = "Why we should take a second look at access control in Unix",

abstract = "Unix is an operating system that began development almost 40 years ago. It has a very simple mechanism for controlling access to protected resources based on the owner-group-world model. This simple model has not attracted much interest from the access control community. In this paper we argue that the Unix access control mechanism has some interesting features of relevance to modern authorization services. We present a formal model for the Unix access control mechanism and compare its characteristics with those of role-based access control and XACML, two popular foundations for authorization services. We then discuss what lessons may be learned from the Unix model and how those lessons might be applied in the future.",

author = "J. Crampton",

year = "2008",

language = "English",

booktitle = "Proceedings of 13th Nordic Workshop on Secure IT Systems",

}

TY - GEN

T1 - Why we should take a second look at access control in Unix

AU - Crampton, J.

PY - 2008

Y1 - 2008

N2 - Unix is an operating system that began development almost 40 years ago. It has a very simple mechanism for controlling access to protected resources based on the owner-group-world model. This simple model has not attracted much interest from the access control community. In this paper we argue that the Unix access control mechanism has some interesting features of relevance to modern authorization services. We present a formal model for the Unix access control mechanism and compare its characteristics with those of role-based access control and XACML, two popular foundations for authorization services. We then discuss what lessons may be learned from the Unix model and how those lessons might be applied in the future.

AB - Unix is an operating system that began development almost 40 years ago. It has a very simple mechanism for controlling access to protected resources based on the owner-group-world model. This simple model has not attracted much interest from the access control community. In this paper we argue that the Unix access control mechanism has some interesting features of relevance to modern authorization services. We present a formal model for the Unix access control mechanism and compare its characteristics with those of role-based access control and XACML, two popular foundations for authorization services. We then discuss what lessons may be learned from the Unix model and how those lessons might be applied in the future.

M3 - Conference contribution

BT - Proceedings of 13th Nordic Workshop on Secure IT Systems

ER -