Access control: principle and practice

1 September 1994

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Communications Magazine

Vol. 32 (9) , 40-48
https://doi.org/10.1109/35.312842

Abstract

Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do. In this way access control seeks to prevent activity that could lead to a breach of security. This article explains access control and its relationship to other security services such as authentication, auditing, and administration. It then reviews the access matrix model and describes different approaches to implementing the access matrix in practical systems, and follows with a discussion of access control policies commonly found in current systems, and a brief consideration of access control administration.

Keywords

This publication has 4 references indexed in Scilit:

Lattice-based access control models
Computer, 1993
Authorizations in relational database management systems
Published by Association for Computing Machinery (ACM) ,1993
Trusted products evaluation
Communications of the ACM, 1992
Authentication for distributed systems
Computer, 1992