Access control mechanisms ensure that a user is able to read and/or update only certain objects. With discretionary access control, it is the creator of an object who decides which other users should have access. A broad set of mechanisms have been developed to enforce discretionary access control in a computing system. This course will survey the two approaches widely used in these mechanisms: access control lists and capabilities. Through the use of case studies, you will review the pragmatics of implementations in processor hardware, operating systems, and programming languages.

It is recommended to only take this course if you have completed “Systems Security,” “Authenticating Machines,” and “Authenticating Humans,” or have equivalent experience.