Abstract
Access control is the process of controlling every request to a system and determining, based on specified rules (authorizations), whether the request should be granted or denied. The definition of an access control system is typically based on three concepts: access control policies, access control models, and access control mechanisms. In this chapter, we focus on the traditional access control models and policies. In particular, we review two of the most important policies: the discretionary and mandatory access control policies. We therefore start the chapter with an overview of the basic concepts on which access control systems are based. We then illustrate different traditional discretionary and mandatory access control policies and models that have been proposed in the literature, also investigating their low-level implementation in terms of security mechanisms.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
