Access Control 31
Access Control 31 : Computer Security: Authentication methods and tokens include passwords, biometric scans, physical keys, electronic keys and devices, hidden paths, social barriers, and monitoring by humans and automated systems. In any access control model, the entities that can perform actions in the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects (See: Access Control Matrix). Subjects and objects should both be considered as software entities, rather than as human users: any human user can only have an effect on the system via the software entities that they control. Although some systems equate subjects with user IDs, so that all processes started by a user by default have the same authority, this level of control is not fine-grained enough to satisfy the Principle of least privilege, and arguably is responsible for the prevalence of malware in such systems (See: computer insecurity). In some models, for example the object-capability model, any software entity can potentially act as both a subject and object. Access control models used by current systems tend to fall into one of two classes: those based on capabilities and those based on access control lists (ACLs)
No records Found