Access control is the protection of information resources or services from access or use by unauthorized entities (organizations, people, machines, processes). That is to say, access control refers to the prevention of unauthorized use of a resource (i.e., this service controls who can have access to certain resources, under what conditions access can occur, and what those accessing the resources are allowed to do).
To achieve this service, each entity trying to gain access must be first identified, or authenticated, so that access rights can be tailored to the individual. In order to better understand access control it is important to define the following concepts:
The Access control lists (ACLs) are the most typical protection mechanism used to offer this service.