Next: Security in WinNT
Up: No Title
Previous: Revocation of Access Rights
Ring structured hierarchical domains (0-7)
The lower the ring number, the higher the privileges - with the operating
system at ring 0 or D0 (domain 0)
- Segmented address space, with segment = file
- Segment has ring number (j) + R, W, X access bits
- Process has current ring number (i) to indicate domain in which it is executing
- Process can access any segment for which j
i, and the relevant access bit
is set
- Process can perform a controlled switch to another domain by calling a
procedure in the other domain
- The Segment descriptor includes :
Access bracket : upper (b2) and lower (b1) limits from which call can take place
to any procedure
Gate List - list of entries which may be called
Limit for calls to gates (b3)
A procedure in ring (i) can call procedure in segment (j) if :
- (i) is less than (j) - calling process transferring to less privileged ring.
May have to copy segments to area which can be accessed by less privileged procedure
- (i) lies between b1 and b2 - calling process within access bracket - call
any procedure in segment
- (i) is greater than b2, but (i)
b3 - call to a gate - controlled entry
(to a more privileged OS procedure)
This violates principle of least privilege.
Process in ring (i) can access any segment with (j) greater than (i)
Omer F Rana
Sun Feb 16 17:49:18 GMT 1997