Subject (Dictionary Entry)

Term	Subject
Context	IAM
Definition	In the IAM literature, the term subject is used with inconsistent definitions. For instance, (Benantar, 2006) defines it as a running process, a program in execution. On the other hand, (NIST IR 7316, 2006 and Bertino and Takahashi, 2010) use it to designate the external active agent on behalf of whom the process is running. Here, we use Benantar’s definition: the term subject designates a running process and the term entity designates the active agent on behalf of whom the process is running.
Quotes	A subject is the term used to identify a running process, a program in execution. Each subject assumes the identity and the privileges of a single principal. A principal may launch several processes within a single login session and thus will be associated with multiple subjects, each of which inherits the identity of the login session. Figure 1.2 illustrates the relationships between a user, a principal, and a subject. Benantar, 2006, p. 9 Subject: An active entity, generally in the form of a person, process, or device that causes information to flow among objects (see below) or changes the system state [NCSC88]. (NIST IR 7316, 2006, p. 3) Subjects are the parties, typically individuals, whose identity attributes are digitally recorded and used for transactions and other purposes. (Bertino and Takahashi, 2010, p. 25)
Sources	Benantar, 2006, p. 9 Bertino and Takahashi, 2010, p. 25 NIST IR 7316, 2006, p. 3 https://open-measure.atlassian.net/wiki/spaces/BIB/pages/82838556, p. 17
See Also	Entity (Dictionary Entry) https://open-measure.atlassian.net/wiki/spaces/DIC/pages/67600948 https://open-measure.atlassian.net/wiki/spaces/DIC/pages/82903275 Object (Dictionary Entry) Operation Principal (Dictionary Entry) https://open-measure.atlassian.net/wiki/spaces/STAK/pages/81101371 User