SERVICES
ACCESS CONTROL
- Authorization specifies what a subject can do
- Identification and authentication ensure that only legitimate subjects can log on to a system
- Access approval grants access during operations, by association of users with the resources that they are allowed to access, based on the authorization policy
- Accountability identifies what a subject (or all subjects associated with a user)