العربية
中国
Français
Deutsch
Ελληνική
हिन्दी
Italiano
日本語
Português
Русский
EspañolTAKE-GRANT PROTECTION MODEL
(Redirected from Take-Grant Model)
The 'take-grant protection model' is a formal model used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules. It shows that for specific systems the question of safety is decidable in linear time, which is in general undecidable.
The model represents a system as directed graph, where vertices are either subjects or objects. The edges between them are labeled and the label indicates the rights that the source of the edge has over the destination. Two rights occur in every instance of the model: ''take'' and ''grant''. They play a special role in the graph rewriting rules describing admissible changes of the graph.
There is a total of four such rules: The ''take rule'' allows a subject to take rights of another subject, while the ''grant rule'' allows a subject to grant own rights to another subject. The ''create rule'' allows every subject to create new nodes, while the ''remove rule'' allows a subject to remove rights it has over another object.
Using the rules of the take-grant protection model, one can reproduce in which states a system can change, with respect to the distribution of rights. Therefore one can show if rights can leak with respect to a given safety model.
★ A Linear Time Algorithm for Deciding Subject Security, Lipton, Richard J., , , Journal of the ACM,
★ Computer security: art and science, , Matt, Bishop, Addison-Wesley, 2004,
The 'take-grant protection model' is a formal model used in the field of computer security to establish or disprove the safety of a given computer system that follows specific rules. It shows that for specific systems the question of safety is decidable in linear time, which is in general undecidable.
The model represents a system as directed graph, where vertices are either subjects or objects. The edges between them are labeled and the label indicates the rights that the source of the edge has over the destination. Two rights occur in every instance of the model: ''take'' and ''grant''. They play a special role in the graph rewriting rules describing admissible changes of the graph.
There is a total of four such rules: The ''take rule'' allows a subject to take rights of another subject, while the ''grant rule'' allows a subject to grant own rights to another subject. The ''create rule'' allows every subject to create new nodes, while the ''remove rule'' allows a subject to remove rights it has over another object.
Using the rules of the take-grant protection model, one can reproduce in which states a system can change, with respect to the distribution of rights. Therefore one can show if rights can leak with respect to a given safety model.
| Contents |
| References |
References
★ A Linear Time Algorithm for Deciding Subject Security, Lipton, Richard J., , , Journal of the ACM,
★ Computer security: art and science, , Matt, Bishop, Addison-Wesley, 2004,
This article provided by Wikipedia. To edit the contents of this article, click here for original source.
psst.. try this: add to faves
