2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet539/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   535   536   537   538   539   540   541   542   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Subject
A
subject
is an active entity that accesses a passive object to receive information 
from, or data about, an object. Subjects can be users, programs, processes, services, com-
puters, or anything else that can access a resource. When authorized, subjects can modify 
objects. 
Object
An
object
is a passive entity that provides information to active subjects. Some 
examples of objects include fi les, databases, computers, programs, processes, services, 
printers, and storage media. 
You can often simplify the access control topics by substituting the word 
user
for
subject
and the word
file
for
object
. For example, instead of

subject accesses an object
, you can think of it as
a user accesses a file

However, it’s also important to remember that subjects include more than 
users and objects include more than just files.
You may have noticed that some examples, such as programs, services, and computers, 
are listed as both subjects and objects. This is because the roles of subject and object can 
switch back and forth. In many cases, when two entities interact, they perform different 
functions. Sometimes they may be requesting information and other times providing infor-
mation. The key difference is that the subject is always the active entity that receives infor-
mation about, or data from, the passive object. The object is always the passive entity that 
provides or hosts the information or data. 
As an example, consider a common web application that provides dynamic web pages to 
users. Users query the web application to retrieve a web page, so the application starts as 
an object. The web application then switches to a subject role as it queries the user’s com-
puter to retrieve a cookie and then queries a database to retrieve information about the user 
based on the cookie. Finally, the application switches back to an object as it sends dynamic 
web pages back to the user.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   535   536   537   538   539   540   541   542   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish