Definitions[]
An access control service
“ | [is a] security service that protects against a system entity using a system resource in a way not authorized by the system's security policy.[1] | ” |
“ | provides means to ensure that resources are accessed by subjects only in an authorized manner. Resources concerned may be the physical system, the system software, applications and data. [2] | ” |
Overview[]
"The access control service can be defined and implemented at different levels of granularity in the TMN: at agent level, object level or attribute level. The limitations of access are laid out in access control information: the means to determine which entities are authorized to have access; what kind of access is allowed (reading, writing, modifying, creating, deleting).[3]
References[]
- ↑ RFC 4949.
- ↑ Compendium of Approved ITU-T Security Definitions, at 2.
- ↑ Id.