Access control systems can treat any of the following as subjects:
• Users
• Computers
• Applications
• Networks
Access control systems can treat any of the following as objects:
• Data (stored in files, folders, and shares)
• Hardware (such as desktop computers, servers, and printers)
• Applications (such as a web server application)
• Networks (such as an Internet connection or an internal connection)
• Facilities (controlled with physical security)
Remember: Depending on the scenario; everything listed here could be either a subject or an Object; but DATA is always an Object
Please post similar concise yet informative articles more often. Easy to read and comprehend for non-IT individuals.
Thanks Tayeeba. I will. Stay tuned. 🙂