Access Control Matrix Model
- Tags
- security
An ACM that's defined (see page 26) in terms of the privileges of subjects on objects.
| Term | Description |
|---|---|
| Subjects | People who interact with the system |
| Objects | Things that subjects can interact with |
| Privileges | The rights a subject has on an object |
We define a protection state \( P \) as a triple \( (S,O,M) \), with:
| Term | Description |
|---|---|
| \( S \) | The set of current subjects |
| \( O \) | The set of current objects |
| \( M \) | The access control matrix, privileges for each \( (s,o) \in S \times O \) |
\( M \) is a 2D matrix: each row is a user, each column is a file, and each cell specifies the permissions that user holds on that object, drawn from the set of permissions \( P \) (here \( P \) names the permission set, not the protection state defined above).
This model results in a very large data store of allowed permissions and struggles to scale to many users or many objects. The approach is most likely unmaintainable in practice.
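
The protection state \( (S,O,M) \) and its storage cost, as an added example that is not part of the original notes. The class and function names, the three rights and the 200-user sample data are assumptions made for illustration.

```python
from itertools import product


class ProtectionState:
    """Protection state (S, O, M) with a dense access control matrix M."""

    def __init__(self, subjects, objects, rights):
        self.S = set(subjects)           # current subjects
        self.O = set(objects)            # current objects
        self.rights = frozenset(rights)  # permission set the cells draw from
        # One cell per (s, o) in S x O, empty until a right is granted.
        self.M = {(s, o): set() for s, o in product(self.S, self.O)}

    def grant(self, s, o, right):
        if (s, o) not in self.M:
            raise KeyError(f"unknown subject/object pair: {(s, o)}")
        if right not in self.rights:
            raise ValueError(f"unknown right: {right}")
        self.M[(s, o)].add(right)

    def allowed(self, s, o, right):
        # Default deny: a missing pair or an empty cell grants nothing.
        return right in self.M.get((s, o), ())

    def cell_counts(self):
        """Return (cells stored, cells holding at least one right)."""
        return len(self.M), sum(1 for cell in self.M.values() if cell)


def build_example(n=200):
    """Constructed sample: n users, n files, each user owns one file."""
    state = ProtectionState(
        [f"user{i}" for i in range(n)],
        [f"file{i}" for i in range(n)],
        {"read", "write", "execute"},
    )
    for i in range(n):
        state.grant(f"user{i}", f"file{i}", "read")
        state.grant(f"user{i}", f"file{i}", "write")
    state.grant("user0", "file1", "read")  # one shared file
    return state


if __name__ == "__main__":
    st = build_example()
    total, used = st.cell_counts()
    print(f"{total} cells stored, {used} non-empty")
    print("user0 write file1:", st.allowed("user0", "file1", "write"))
```

With 200 users and 200 files the matrix stores 40,000 cells to record 201 actual grants, which is the scaling problem the notes describe.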