Revoke of Access Rights
In a dynamic system we may need to revoke access justice to objects.
Several issues are important:
- Revocation are promptly or delayed.
- Revocation is general (affects all users) or selective (affects only certain users).
- Revocation is total (affects all access rights) or partial (affects subset of the rights).
- Revocation is timed or permanent.
Easy to deploy with access lists.
Harder to implement with capability lists.