The concept of authorization is central to any act of data manipulation which retains at least some vestiges of privacy or security of information. Very briefly, the basic question is “who may do what with a certain data object?” For our purposes, however, this is much too general; for example, it would include all the problems addressed in Chapter 2. In this chapter we will concern ourselves with the following situation. Any user of a data object has certain rights to it. We will discuss how such rights may be acquired, how they can be passed on to other users, whether they can be revoked, and how (if at all possible) a user can determine whether another user has the possibility in a given situation to exercise certain rights to this object. Therefore this chapter is concerned with the granting, the revoking, and the administration of certain privileges.
KeywordsData Object Turing Machine Transition Rule Regular Language Safety Problem
Unable to display preview. Download preview PDF.