6
The Access Control Model
Object
Resource
Reference
monitor
Guard
Do
operation
Request
Principal
Source
Authorization
Audit log
Authentication
Policy
1. Isolation boundary
2. Access control
3. Policy
1.Isolation
Boundary to prevent attacks outside access-controlled
channels
2.Access
Control for channel traffic
3.Policy
management