In RSBAC, subjects are defined as processes acting on behalf of user IDs.
The following object types (here named as target types) are defined:
- FILE
- DIR
- FIFO (also known as named pipe)
- SYMLINK
- DEV (devices by block/char and major:minor)
- IPC (Inter Process Communication)
- SCD (System Control Data)
- USER
- PROCESS
- NONE (no object associated with this request)
Access modes are grouped into abstract request types. Whenever a subject wants
to access an object, the corresponding request call is issued with the
request type, subject, object and attribute data as parameters. One
system call can lead to several request calls, e.g. sys_open can lead to
SEARCH, CREATE, TRUNCATE and all OPEN request types.
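The fan-out from one system call to several request calls, as an added user-space model that is not RSBAC's kernel code. Assumptions: the four OPEN request names, the `RQ_`/`TG_` identifiers, the target chosen for each request, and the order of the calls are this sketch's own simplification.

```c
#include <fcntl.h>
#include <stdio.h>

/* Illustrative names for this model; the page gives the request names only in prose. */
enum req { RQ_SEARCH, RQ_CREATE, RQ_TRUNCATE, RQ_READ_OPEN,
           RQ_WRITE_OPEN, RQ_READ_WRITE_OPEN, RQ_APPEND_OPEN };
enum target { TG_FILE, TG_DIR };
struct request_call { enum req type; enum target target; };

static const char *req_name[] = { "SEARCH", "CREATE", "TRUNCATE", "READ_OPEN",
                                  "WRITE_OPEN", "READ_WRITE_OPEN", "APPEND_OPEN" };

/* Fill out[] (capacity >= ndirs + 2) with the request calls one open() would
 * raise in this model; returns how many. ndirs = directories walked in the path,
 * exists = whether the final component is already present (constructed inputs). */
int open_requests(int flags, int ndirs, int exists, struct request_call *out)
{
    int n = 0, acc = flags & O_ACCMODE;

    for (int i = 0; i < ndirs; i++)              /* path lookup */
        out[n++] = (struct request_call){ RQ_SEARCH, TG_DIR };

    if (!exists) {
        if (!(flags & O_CREAT))
            return n;                            /* lookup fails, nothing is opened */
        out[n++] = (struct request_call){ RQ_CREATE, TG_DIR };  /* parent directory */
    } else if (flags & O_TRUNC) {
        out[n++] = (struct request_call){ RQ_TRUNCATE, TG_FILE };
    }

    enum req open_type = RQ_READ_OPEN;           /* O_RDONLY */
    if (acc == O_RDWR)
        open_type = RQ_READ_WRITE_OPEN;
    else if (acc == O_WRONLY)
        open_type = (flags & O_APPEND) ? RQ_APPEND_OPEN : RQ_WRITE_OPEN;
    out[n++] = (struct request_call){ open_type, TG_FILE };
    return n;
}

int main(void)
{
    struct request_call calls[8];
    int n = open_requests(O_WRONLY | O_CREAT | O_TRUNC, 2, 0, calls);
    for (int i = 0; i < n; i++)
        printf("%s on %s\n", req_name[calls[i].type],
               calls[i].target == TG_DIR ? "DIR" : "FILE");
    return 0;
}
```

Each entry in the returned list is a separate access decision, so a policy that denies any one of them denies the whole open.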
2001-09-17