•
                                                       •
                      1.
                                           •
                                                                                 •
                                                                                       •
                                                             •
                                                                           •
               2.
                             Two
                      by
               by
   Operating
                                    Matrix
                                                                                                     Access
                                                                           sets
                                                             files
                                                                                              Subject
                                                                    Objects
                                                                                       users
                                                                                                               Access
                                    is
                                                                           of
                                                       devices
   Systems
                                                                                              (or
                                           message
                                                 domains
                                                                    are
                                                                                       e.g.
                                                                                 executing
                      object:
   —
                                                 /
               subject:
                             common
                                                                                                     matrix
                                    large
                                                                           users
                                                                                       by
                                                                                                     is
                                           ports
                                                                           or
                                                                                                     a
                                                                    things
                                                                                                               matrix
                      store
                                    and
   Protection
                                                                                       uid
               store
                                                                                 process
                                           (in
                                                                                              principal)
                      list
                                                                    like:
                                                                                 in
                                                 processes
               list
                                                                                 a
                      of
                                                                                                     matrix
                                    sparse
               of
                                                                                              might
                                                                           processes
                                                                                                     of
                                    ⇒
                             representations:
                                                                                              be:
               objects
                      subjects
                                           microkernels)
                                    don’t
                                                                                 protection
                                                                                                     subjects
                      and
               and
                                    want
                                    to
                                                                                 domain
                      rights
               rights
                                                                                                     against
                                    store
                      with
               with
                                    it
                                                                                                     objects.
               each
                                    all.
                      each
                      object
               subject
                      ⇒
               ⇒
                      access
               capabilities
                      control
                      list
   104