2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet361/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   357   358   359   360   361   362   363   364   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Abstraction
Abstraction
is one of the fundamental principles behind the field known as 
object-oriented 
programming
. It is the “black-box” doctrine that says that users of an object (or operating 
system component) don’t necessarily need to know the details of how the object works; they 
need to know just the proper syntax for using the object and the type of data that will be 
returned as a result (that is, how to send input and receive output). This is very much what’s 
involved in mediated access to data or services, such as when user mode applications use 
system calls to request administrator mode services or data (and where such requests may 
be granted or denied depending on the requester’s credentials and permissions) rather than 
obtaining direct, unmediated access.
Another way in which abstraction applies to security is in the introduction of object 
groups, sometimes called 
classes
, where access controls and operation rights are assigned 
to groups of objects rather than on a per-object basis. This approach allows security 

382
Chapter 9 

Security Vulnerabilities, Threats, and Countermeasures
administrators to define and name groups easily (the names are often related to job roles 
or responsibilities) and helps make the administration of rights and privileges easier (when 
you add an object to a class, you confer rights and privileges rather than having to manage 
rights and privileges for each object separately).
Data Hiding
Data hiding
is an important characteristic in multilevel secure systems. It ensures that data 
existing at one level of security is not visible to processes running at different security lev-
els. The key concept behind data hiding is a desire to make sure those who have no need to 
know the details involved in accessing and processing data at one level have no way to learn 
or observe those details covertly or illicitly. From a security perspective, data hiding relies 
on placing objects in security containers that are different from those that subjects occupy 
to hide object details from those with no need to know about them.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   357   358   359   360   361   362   363   364   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish