A security model is an abstraction of how one goes about controlling access to protected data. Like firewalls, security models come in various shapes and sizes because requirements for various applications and their environments can differ vastly. Multiple ways to classify security models are available, including the following:
MAC and DAC models
Data and information security models
Static and dynamic models
One classification of security models centers on the concept of mandatory access control, or MAC. In a MAC security model, entities within a system are either subjects, roughly corresponding to the notions of users, processes, machines, and so on, or objects, roughly corresponding ...