3.3. Access Control
In a computer system, users typically wish to read and write files, browse directories, and execute programs. In multi-user systems, different users will be authorized to access different resources. In other words, there generally will be a security policy that determines the resources to which each user has access.
An authorization service (also known as a reference monitor or access control mechanism) is a computer program that enforces an authorization policy (or access control policy). Any computer system that offers any level of protection will ensure that the authorization service intercepts all user requests to access resources in order to ensure that all user requests are properly authorized before a user gains access ...
Get Information Assurance now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
