Which of the following best describes the structure of an access control matrix in operating systems?
Think about how permissions are organized between users and resources.
An access control matrix is a conceptual model where each row corresponds to a subject (like a user or process), each column corresponds to an object (like a file or device), and each cell contains the rights the subject has over that object.
What is a major practical limitation of implementing a full access control matrix in real operating systems?
Consider what happens when there are many users and many resources.
The access control matrix can become huge because it must store permissions for every subject-object pair, which uses a lot of memory and is inefficient to manage.
Given the following access control matrix snippet:
File1 File2 Printer UserA rw r - UserB r rw w UserC - r rw
What are the permissions UserB has on File2 and Printer?
Look at the row for UserB and the columns for File2 and Printer.
UserB has 'rw' (read and write) permissions on File2 and 'w' (write) permission on Printer according to the matrix.
Which statement correctly compares access control matrices with Access Control Lists (ACLs) and capability lists?
Think about how permissions can be organized by objects or by subjects.
Access control matrices are conceptual. ACLs list permissions per object (columns), while capability lists list permissions per subject (rows). Both are practical ways to implement the matrix.
In a system using an access control matrix, what is the likely effect of frequently adding and removing subjects and objects on the matrix's management?
Consider what happens when the number of users and resources changes often.
Frequent changes require updating the matrix structure and entries, which is costly and complex, especially for large systems.