secappdev.org's video: Access control - Frank Piessens

Frank Piessens is a professor at the Department of Computer Science of the KU Leuven, Belgium. His research interests lie in software security, including security in operating systems and middleware, architectures, applications, Java and .NET, and software interfaces to security technologies. He is an active participant in both fundamental research and industrial application-driven projects, provides consultancy to industry on distributed system security and serves on programme committees for various security-related international scientific conferences. Frank teaches software security at the KU Leuven, and at various academic and industrial conferences. This lecture starts with the detailed description of the goals of an access contol system. The concepts fundamental to the model common to most access control techniques are discussed: + object, + subject, + reference monitor, + protection domain, + policy. Next, common policy models are reviewed in detail, and compared: + Discretionary Access Control (DAC), + Mandatory Access Control (MAC) and + Role Based Access Control (RBAC) . The need for representations of access control policies that may be automatically enforced by the reference monitor is discussed with particular reference to the forms which are currently most popular : + Access Control Lists (ACL) and + capabilities.