1.4. Access Control and Security Models
A security model is an abstraction of how one goes about controlling access to protected data. Like firewalls, security models come in various shapes and sizes because requirements for various applications and their environments can differ vastly. Multiple ways to classify security models are available, including the following:
MAC and DAC models
Data and information security models
Static and dynamic models
1.4.1. MAC and DAC Models
One classification of security models centers on the concept of mandatory access control, or MAC. In a MAC security model, entities within a system are either subjects, roughly corresponding to the notions of users, processes, machines, and so on, or objects, roughly corresponding ...
Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.