Print this chapterPrint this chapter

Access Control Fundamentals

11. Access Control Technologies

11.4. Security Domain

Introduction
  • A domain is a set of resources that are available to a subject.
  • A security domain refers to the set the resources working under the same security policy and managed by the same group.
  • Domains can be separated by logical boundaries, such as
    • Firewalls with ACL’s
    • Directory services making access decisions
    • Objects that have their own ACL’s indicating which individual or group can access them.
  • Domains can be architected in a hierarchical manner that dictates the relationship between the different domains and the ways in which subjects within the different domains can communicate.
  • Subjects can access resources in domains of equal or lower trust levels.