Chapter 1. Subjects, Users, and Other Actors

Jesper M. Johansson

At the most basic level, everything in security boils down to subjects and objects. Objects are the things you protect, and subjects are the things you protect objects against. Subjects and objects are used in authentication (proving who you are), authorization (granting access to something), and auditing (tracking who accessed what). These concepts are fundamentally very simple. Subjects are users. Objects are files. Authentication, authorization, and auditing all have to do with how subjects and objects interact. That is the way it used to be, and ...

Get Windows Server® 2008 Security Resource Kit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.