Controlling Access to Data

Access control governs the resources that an authenticated user is able to read, modify, or write. Data is a major resource of interest in any security scheme that determines what source data a user is allowed to access. You may be more familiar with the terms authentication (making sure the user is who they say they are) and authorization (making sure they can access the data they are entitled to see now that I know who they are).

The ways by which data access can be controlled are discussed below: