next up previous
Next: Module Registration (REG) Up: Architecture and Implementation of Previous: List of Requests with

Architectural Diagram

Figure 1: RSBAC Architecture
\begin{figure*}
\begin{center}
\leavevmode
\epsfxsize 1.7\columnwidth
\epsfbox {arch.eps}\end{center}\end{figure*}

Figure 1 on page [*] shows the RSBAC implementation in the Linux kernel.

A typical system call interception (AEF component) places two calls to ADF: a request for decision and, if access has been granted and the system call functionality has been successfully performed, a notification. ACI data is only updated on the notification call, because the system call might fail from other reasons.



2001-09-17