Unix

UNIX System Security

POS/355

UNIX System Security

System security is important in all aspects of business. As businesses get larger, and infrastructure more diverse and complicated, a necessary system of security and checkpoints is used. This is to ensure that the business itself is secure from the inside, and protect itself from any outside threats. The security system also needs to take into consideration needs and the changes of the business. Sensitive files, that at one point my not be accessible to an employee, may need to become accessible if the employee were to get promoted. This is just one example of many possible scenarios to illustrate the need for security and flexibility.

UNIX Security Features

In the UNIX system an access matrix is used to accommodate these necessary changes in business. If we were to consider a system that supports 5,000 users. Suppose that we wanted to allow 4,990 of those users to be able to access one file. By using an access matrix we can regulate who can access which file. We will examine the different components of the access matrix as it is used in UNIX. Every user in the system is considered a subject, with different right and access privileges. Objects in the system are considered to be anything from programs and files to segments in memory and software objects. One part of the access matrix would be an identified list of subjects that may attempt the data access. It would compare that list to another list of objects that can be accessed. The matrix can be composed in different ways however. If the matrix is composed of columns, it would yield an access control list. If the matrix is composed of rows, it will use capability tickets.

Access Control List and Capability Tickets

In the first example of the matrix being designed using columns, each object would have an access control list that would show a list of users and their access right. In our example of trying to limit ten people from accessing a certain...