3.2. Explain common access control models and the differences between each.
The mechanism by which users are granted or denied the ability to interact with and use resources is known as access control. Access control is often referred to using the term authorization. Authorization defines the type of access to resources users are granted—in other words, what users are authorized to do. Authorization is often considered the next logical step immediately after authentication. Authentication is proving your identity to a system or the act of logging on. With proper authorization or access control, a system will properly control access to resources in order to prevent unauthorized access.
For more information on this topic, refer to Chapter ...