Security mechanism is implemented to offer data confidentiality and integrity. This means, a high level of assurance is offered that data, objects or resources are restricted from unauthorized subjects. If a threat exists against confidentiality, unauthorized disclosure could take place. If a threat exists against integrity, unauthorized modification could take place.
There are two entities that are significant in security mechanism: Subject and Object.
An object is the passive element in a security relationship, such as files, computers, network connections, and applications. A subject is the active element in a security relationship, such as users, programs and process. A subject acts upon or against an object. Whenever one entity acts on another there should also be a mechanism in place to control the action. The relations between this subject and object is managed by a way called access control.
Thus, the management of the relationship between subjects and objects is known as access control.
No comments:
Post a Comment