12.2. Objects and Subjects
Controlling access to any resource in a secure system involves two entities. The subject of the access is the user or process that makes a request to access a resource. Access can mean reading from or writing to a resource. The object of an access is the resource a user or process wants to access. Keep in mind that the subject and object refer to some specific access request, so the same resource can serve as a subject and an object in different access requests.
For example, process A may ask for data from process B. To satisfy process A's request, process B must ask for data from process C. In this example, process B is the object of the first request and the subject of the second request:
First request process A ...