Introduction

Operating systems require a structured method for representing who can access which resources and what operations are permitted. In simple systems, permissions may appear straightforward, but modern operating systems manage thousands of users, processes, files, devices, and memory regions simultaneously. A formal and scalable protection model is therefore necessary.

The Access Matrix is one of the most important conceptual models used in operating system protection. It provides a systematic way to represent permissions between subjects and objects.

Although the Access Matrix is often taught as a theoretical model, it forms the foundation for many practical protection mechanisms used in real systems, including:

  • Access Control Lists (ACLs)

  • Capability systems

  • File permission systems

  • Database authorization systems

Understanding the Access Matrix is important because it explains how operating systems internally reason about permissions and protection policies.

What is an Access Matrix?

An Access Matrix is a protection model that represents the access rights of subjects over objects in a tabular form.

The matrix defines:

  • Which subject can access which object

  • What operations are allowed

Core Idea

Rows = Subjects
Columns = Objects
Cells = Permissions

Important Insight

The access matrix is a formal representation of system protection policies

Subjects and Objects

Subjects

Entities requesting access.

Examples:

  • Users

  • Processes

  • Threads

  • Applications

Objects

Resources being accessed.

Examples:

  • Files

  • Devices

  • Memory segments

  • Printers

  • Directories

Example Structure

Suppose we have:

  • Users: A, B

  • Files: F1, F2

Access matrix:

Subject/ObjectF1F2
ARead, WriteRead
BExecuteRead, Write

This means:

  • User A can read/write F1

  • User B can execute F1

Why Access Matrix is Necessary

Without a formal model:

  • Permissions become inconsistent

  • Protection becomes difficult to manage

  • Security policies become unclear

The Access Matrix provides:

  • Clarity

  • Formalization

  • Structured permission management

Important Insight

The access matrix provides a unified framework for access control

Access Rights in the Matrix

Each cell contains allowed operations.

Common rights:

  • Read

  • Write

  • Execute

  • Delete

  • Append

  • Modify

Example

User A → File X → Read, Write

This entry appears inside matrix cell.

Dynamic Nature of Access Matrix

Permissions are not fixed permanently.

Operating systems must support:

  • Granting permissions

  • Revoking permissions

  • Creating users

  • Deleting objects

Thus, the matrix changes dynamically.

Example

Administrator may:

  • Add new user

  • Remove file access

  • Transfer ownership

Matrix Operations

1. Copy Rights

One subject transfers rights to another.

Example

User A grants Read access to User B

2. Owner Rights

Owner may modify permissions.

Example

File owner changes ACL.

3. Control Rights

Control rights allow modification of another subject’s permissions.

Access Matrix Implementation Problem

In real systems:

  • Thousands of users

  • Millions of files

A complete matrix becomes enormous and sparse.

Most cells are empty because:

  • Most users cannot access most objects

Example

Large system:

1000 users × 1 million files

Storing full matrix is impractical.

Important Insight

Real access matrices are sparse and inefficient to store directly

Practical Implementations of Access Matrix

Real systems implement the matrix indirectly.

Two major approaches exist.

1. Access Control Lists (ACLs)

ACL stores permissions column-wise.

Each object maintains:

  • List of subjects

  • Their permissions

Example

File A:
User1 → Read
User2 → Read, Write

Characteristics

  • Object-centric

  • Easy to determine:
    “Who can access this object?”

Advantages

  • Good for file systems

  • Fine-grained control

Disadvantages

  • Harder to determine all rights of a subject

2. Capability Lists

Capability system stores permissions row-wise.

Each subject maintains:

  • List of accessible objects

  • Allowed operations

Example

Process A:
File1 → Read
Printer → Use
Disk → Write

Characteristics

  • Subject-centric

  • Easy to determine:
    “What resources can this subject access?”

Advantages

  • Efficient delegation

  • Fast permission checking

Disadvantages

  • Harder to revoke permissions globally

Access Matrix and Protection Domains

Each row of matrix corresponds to:

Protection domain of subject

The row defines:

  • Resources accessible

  • Operations allowed

Example

Process P:
Read → File A
Write → File B
Execute → Program C

This row represents process protection domain.

Revocation Problem

Removing permissions is challenging.

ACL Revocation

Easy:

  • Remove subject entry from object

Capability Revocation

Harder:

  • Capabilities distributed among subjects

Modern systems use:

  • Expiration

  • Indirection

  • Revocation lists

Access Matrix and Security Policies

Access matrix supports enforcement of:

  • Least privilege

  • Controlled sharing

  • Isolation

  • Authorization

It acts as theoretical foundation for secure systems.

Real-World Examples

UNIX/Linux

Implements simplified ACL system:

  • Owner

  • Group

  • Others

Windows

Uses advanced ACL structures.

Capability-Based Systems

Examples:

  • KeyKOS

  • Capsicum

  • seL4 capability mechanisms

Access Matrix vs Authentication

Authentication:

Verifies identity

Access Matrix:

Determines permissions

Example

User logs in:

  • Authentication verifies identity

  • Matrix determines allowed actions

Important Insight

Authentication identifies users; access matrix determines permissions