
Capability-based security in Operating Systems - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is capability-based security?
It is a security model where access to resources is controlled by unforgeable tokens called capabilities, which specify the rights a user or process has.
intermediate
How do capabilities differ from traditional access control lists (ACLs)?
Capabilities are tokens held by users or processes granting access, while ACLs list permissions attached to resources. Capabilities move with the user, ACLs stay with the resource.
intermediate
Why are capabilities considered unforgeable?
Because the system ensures capabilities cannot be copied or altered by unauthorized users, often by using protected memory or cryptographic methods.
beginner
Give a real-life example similar to capability-based security.
Like having a hotel room key card that only opens your room. The card (capability) grants you access without needing to check a list every time.
intermediate
What is a key benefit of capability-based security?
It simplifies access control by directly associating rights with tokens, reducing the risk of unauthorized access and making delegation easier.
What does a capability in capability-based security represent?
A. A password for user login
B. A list of users allowed to access a resource
C. A token granting specific access rights
D. A firewall rule
Which of the following is a key feature of capabilities?
A. They can be easily forged by users
B. They are unforgeable tokens
C. They are stored only on the resource
D. They list all users with access
In capability-based security, who holds the capability?
A. The user or process needing access
B. The system administrator only
C. The resource owner only
D. No one holds capabilities
How does capability-based security improve delegation?
A. By disabling access sharing
B. By requiring passwords for every access
C. By listing all users in an ACL
D. By allowing capabilities to be passed to others
Which analogy best describes capability-based security?
A. A hotel room key card
B. A public notice board
C. A locked door with no key
D. A guest list at a party
Explain what capability-based security is and how it controls access to resources.
Think about how a token or key can grant access without checking a list.
Describe the advantages of using capabilities over traditional access control lists.
Consider how capabilities make sharing and controlling access easier.