Access controls are a form of technical security controls. Subjects and objects are two important terminologies. A subject is an active entity, such as an action (modification or access to a file, for example). An object is a static system entity, such as text file or a database. Basically, there are three types of access control models, described as the following:
- Mandatory Access Control (MAC): The system checks the identity of a subject and its permissions with the object permissions. So usually, both subjects and objects have labels using a ranking system (top secret, confidential, and so on).
- Discretionary Access Control (DAC): The object owner is allowed to set permissions to users. Passwords are a form of DAC. ...