In the relations to information technology, access control is concerned within determining the permitted functions of legitimate users, mediating every attempt by user to access a resource in the system. A typical information technology infrastructure can implement access control systems in many places and at different levels. Operating systems use access control to protect files and directories. A database management systems DBMS applies access control to regulate access to tables and views. Most commercially available applications systems implement access control, often independent of the operating systems and database management systems on which they are installed.
The objectives of an access control system are often described in terms of protecting system resources against inappropriate or undesired user access. From a business perspective, this objective could just as well be described in the terms of the optimal sharing information. However, the many objective of IT is make information available to users and applications. A greater degree of sharing may get in the way of resource protection; in reality, a well-managed and effective access control system actually facilitates sharing. A sufficiently fine-grained access control mechanism can enable selective sharing of information where in its absence, sharing may be considered too risky altogether.
One of the various access controls is Discretionary Access Control (DAC), which leaves a certain amount of access control to discretion of the object’s owner or anyone else who is authorized to control the object’s access. For example, generally a user is limited to accessing a file; however, an owner of the file has control of other user’s access to the file. Another access control is Mandatory Access Control policy, which means that access control policy decisions are made by central authority, not by the individual owner of an n object and the owner cannot change access rights. For example, within...