Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Access Control List

Alternate Forms

  • Ackle Prononciation

  • ACL Acronym

...

A digital representation listing the principals that have access to a resource and the operations that they are authorized to execute on that resource. It is attached to the resource.it.

It is used by the reference monitor to allow or deny access requests to the resource.

It is a discretionary access control mechanism, i.e. authorized users such as resource owners have the possibility to modify it, effectively granting and revoking access permissions.

It is linked to (and sometimes embedded in) the resource. This may be an advantage as it provides flexibility with an access granularity level set at the individual resource. This may be a disadvantage as managing ACLs at scale becomes inefficient, function of the number of resources, the number of principals and the stability of access decision factors.

It may be considered as resource metadata.

Related Terms

Quotes

Access Control List (ACL). The access matrix is implemented through a set of lists, one for each object (i.e., the columns of the matrix) in the system. The list associated with an object has an element for each subject holding a privilege on the object. This element contains the set of privileges the subject can exercise on the object. This is the way usually adopted by modern operating systems.

...