Computer access control

In any access-control model, the entities that can perform actions on the system are called subjects, and the entities representing resources to which access may need to be controlled are called objects (see also Access Control Matrix).

Although some systems equate subjects with user IDs, so that every process started by a user has the same authority by default, this level of control is not fine-grained enough to satisfy the principle of least privilege, and arguably is responsible for the prevalence of malware on such systems (see computer insecurity).

Access-control systems provide the essential services of authorization, identification and authentication (I&A), access approval, and accountability. Authorization involves the act of defining access rights for subjects; access approval then grants or denies an individual request by checking it against those rights.

Accountability uses system components such as audit trails (records) and logs to associate a subject with its actions.[3]

Many systems can generate automated reports based on certain predefined criteria or thresholds, known as clipping levels.

– Definition of clipping level:[4] a predefined threshold for a monitored event (such as the number of failed access attempts by one subject) below which occurrences are treated as routine and above which they are reported for investigation.

Discretionary access control (DAC) is a policy determined by the owner of an object.

(In capability-based systems, there is usually no explicit concept of 'owner', but the creator of an object has a similar degree of control over its access policy.)
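The following is an added example, not code from the original article: an access-control matrix in the sense described above (subjects as rows, objects as columns, rights in the cells), in which the owner of an object sets its policy (DAC), every access decision is written to an audit trail (accountability), and a clipping-level report is derived from that trail. The subjects, object names and threshold are hypothetical.

```python
"""Access-control matrix with owner-managed (discretionary) grants, an
audit trail of every decision, and a clipping-level report built from it.
Added illustration; subjects, objects and the threshold are hypothetical."""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass
class AuditRecord:
    subject: str
    obj: str
    right: str
    granted: bool


class AccessMatrix:
    """Rows are subjects, columns are objects, cells are sets of rights.
    A subject may be a user ID, but a finer-grained principal such as
    'alice:pid4242' works just as well, which is what least privilege asks for."""

    def __init__(self):
        self._rights = defaultdict(lambda: defaultdict(set))  # subject -> obj -> rights
        self._owner = {}                                      # obj -> owning subject
        self.audit = []                                       # one record per decision

    def create(self, creator, obj):
        """DAC: the creator becomes the owner and so controls the object's policy."""
        self._owner[obj] = creator
        self._rights[creator][obj].update({"own", "read", "write"})

    def grant(self, granter, subject, obj, right):
        """Only the owner may change an object's column of the matrix."""
        allowed = self._owner.get(obj) == granter
        self.audit.append(AuditRecord(granter, obj, f"grant:{right}", allowed))
        if not allowed:
            raise PermissionError(f"{granter} does not own {obj}")
        self._rights[subject][obj].add(right)

    def check(self, subject, obj, right):
        """Access approval: consult the cell and always record the outcome."""
        granted = right in self._rights[subject][obj]
        self.audit.append(AuditRecord(subject, obj, right, granted))
        return granted


def clipping_report(audit, clipping_level):
    """Subjects whose denied attempts have reached the clipping level."""
    denied = Counter(rec.subject for rec in audit if not rec.granted)
    return {subj: n for subj, n in denied.items() if n >= clipping_level}


def demo():
    """Constructed scenario: alice owns a file, shares it read-only with bob,
    bob tries to overstep, and mallory probes it repeatedly."""
    m = AccessMatrix()
    m.create("alice", "payroll.xlsx")
    m.grant("alice", "bob", "payroll.xlsx", "read")
    results = [m.check("bob", "payroll.xlsx", "read"),    # True: granted by owner
               m.check("bob", "payroll.xlsx", "write")]   # False: never granted
    try:
        m.grant("bob", "mallory", "payroll.xlsx", "read")  # bob is not the owner
    except PermissionError:
        pass
    for _ in range(3):
        m.check("mallory", "payroll.xlsx", "read")         # three denials
    return results, clipping_report(m.audit, clipping_level=3)


if __name__ == "__main__":
    print(demo())
```

Note that bob's two denials (the write and the illegitimate grant) stay below the clipping level of three, while mallory's three denied reads cross it and appear in the report; the threshold separates occasional mistakes from a pattern worth investigating.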

Management is often simplified (compared with maintaining discretionary rights object by object) if the information can be protected using hierarchical access control, or by implementing sensitivity labels.

Mandatory access control (MAC) takes the decision out of the owner's hands: a system-wide policy controls read and write permissions based on a user's clearance level and the sensitivity labels attached to objects.
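As an added example (not code from the original article), the clearance-and-label check above can be written as a lattice comparison: a hierarchical level plus a set of non-hierarchical category labels, compared in the style of the Bell-LaPadula model ("no read up", "no write down"). The level names and categories are hypothetical, and the assumption that a "write" is a pure write that may raise the label is stated in the comments.

```python
"""Mandatory access control from a clearance level plus category labels,
evaluated as a lattice in the style of the Bell-LaPadula model.
Added illustration; the level names and categories are hypothetical."""
from dataclasses import dataclass

# Hierarchical component: higher number dominates lower.
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: frozenset = frozenset()   # non-hierarchical compartments

    def dominates(self, other: "Label") -> bool:
        """Lattice order: level at least as high AND a superset of categories."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and other.categories <= self.categories)


def mac_permits(clearance: Label, classification: Label, op: str) -> bool:
    """Subject clearance versus object classification for one operation."""
    if op == "read":
        # Simple security property: no read up.
        return clearance.dominates(classification)
    if op == "write":
        # *-property: no write down. Assumes a pure write/append; a system
        # that opens files read-write would require both checks to hold.
        return classification.dominates(clearance)
    raise ValueError(f"unknown operation {op!r}")


def decide(clearance: Label, classification: Label, op: str, dac_allowed: bool) -> bool:
    """MAC is enforced on top of any discretionary grant: both must permit."""
    return dac_allowed and mac_permits(clearance, classification, op)


if __name__ == "__main__":
    analyst = Label("secret", frozenset({"nuclear"}))
    print(decide(analyst, Label("confidential"), "read", dac_allowed=True))            # True
    print(decide(analyst, Label("secret", frozenset({"crypto"})), "read", True))       # False
    print(decide(analyst, Label("top secret", frozenset({"nuclear"})), "write", True)) # True
    print(decide(analyst, Label("confidential"), "write", True))                        # False
```

The second case shows why the categories matter: a "secret" clearance without the "crypto" compartment cannot read a "secret/crypto" object even though the levels are equal, and the last case shows the *-property blocking a leak of secret data into a lower-classified file.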

Role-based access control (RBAC) assigns permissions to roles rather than to individual subjects; the collection of permissions behind a role may include complex operations such as an e-commerce transaction, or may be as simple as read or write.

In attribute-based access control (ABAC),[5][6] access is granted not on the basis of rights assigned to the subject after authentication, but by evaluating the attributes of the subject, the object, the requested operation, and the environmental conditions against policies, rules, or relationships that describe the allowable operations for a given set of attributes.

Break-glass (also called break-the-glass) mechanisms try to mitigate the risk that an overly restrictive policy blocks legitimate access in an emergency, by allowing a user to override an access-control decision, typically against a recorded justification that is reviewed afterwards.
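The following added example (not code from the original article) ties together the RBAC, ABAC and break-glass passages above: role permissions grouped as in RBAC, an ABAC policy that evaluates subject, object, action and environment attributes with deny as the default, and a break-glass path that grants a denied request only for an eligible subject who supplies a justification, writing an audit record for later review. The roles, rules, business-hours window and attribute names are all hypothetical.

```python
"""RBAC role permissions, an ABAC policy over subject/object/action/environment
attributes (default deny), and a recorded break-glass override.
Added illustration; roles, rules and attribute names are hypothetical."""
from dataclasses import dataclass
from datetime import datetime

# RBAC: permissions grouped under roles. A permission may be a simple
# operation ("order:read") or a composite business operation ("order:refund").
ROLE_PERMISSIONS = {
    "clerk": {"order:read"},
    "manager": {"order:read", "order:refund"},
    "physician": {"record:read"},
    "nurse": {"record:read"},
}


def rbac_permits(roles, permission):
    return any(permission in ROLE_PERMISSIONS.get(role, ()) for role in roles)


@dataclass
class Request:
    subject: dict   # e.g. {"id": "u17", "roles": ["nurse"], "break_glass": True}
    obj: dict       # e.g. {"id": "r9", "type": "record", "care_team": ["u42"]}
    action: str     # e.g. "read"
    env: dict       # e.g. {"time": datetime(...), "network": "corporate"}


# ABAC permit rules: at least one must match for a request to be a candidate.
def role_rule(req):
    """Subject attribute 'roles' versus the object type and action (RBAC as a rule)."""
    return rbac_permits(req.subject.get("roles", []), f"{req.obj['type']}:{req.action}")


# ABAC constraints: any that fires turns a candidate grant into a denial.
def constraint_care_team(req):
    """Relationship attribute: patient records only for the patient's care team."""
    if req.obj["type"] != "record":
        return False
    return req.subject["id"] not in req.obj.get("care_team", [])


def constraint_refund_window(req):
    """Environment attributes: refunds only in business hours from the corporate network."""
    if req.action != "refund":
        return False
    t = req.env["time"]
    return not (9 <= t.hour < 18 and req.env.get("network") == "corporate")


PERMIT_RULES = [role_rule]
DENY_CONSTRAINTS = [constraint_care_team, constraint_refund_window]


def abac_decide(req):
    """Default deny: a permit rule must match and no constraint may fire."""
    if not any(rule(req) for rule in PERMIT_RULES):
        return False
    return not any(constraint(req) for constraint in DENY_CONSTRAINTS)


def request_access(req, audit, break_glass_reason=None):
    """Evaluate the policy; on denial, a subject flagged as break-glass eligible may
    override by supplying a justification. Every outcome is appended to `audit`."""
    decision = abac_decide(req)
    overridden = False
    if not decision and break_glass_reason and req.subject.get("break_glass"):
        decision, overridden = True, True
    audit.append({"subject": req.subject["id"], "object": req.obj.get("id"),
                  "action": req.action, "granted": decision,
                  "override": overridden, "reason": break_glass_reason})
    return decision


if __name__ == "__main__":
    log = []
    noon = {"time": datetime(2024, 5, 6, 12, 0), "network": "corporate"}
    record = {"id": "r9", "type": "record", "care_team": ["u42"]}
    nurse = {"id": "u17", "roles": ["nurse"], "break_glass": True}
    print(request_access(Request(nurse, record, "read", noon), log))                      # False
    print(request_access(Request(nurse, record, "read", noon), log, "patient coding"))   # True
    print(log[-1]["override"])                                                            # True
```

The nurse holds the "record:read" permission through RBAC, yet the care-team relationship denies the read; only the break-glass justification turns that into a grant, and the audit entry with `override` set is what a reviewer later inspects, which is the accountability service described earlier applied to emergency access.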
