Access Control Fundamentals
11. Access Control Technologies
11.4. Security Domain
Introduction
- A domain is a set of resources that are available to a subject.
- A security domain refers to the set the resources working under the same security policy and managed by the same group.
- Domains can be separated by logical boundaries, such as
- Firewalls with ACL’s
- Directory services making access decisions
- Objects that have their own ACL’s indicating which individual or group can access them.
- Domains can be architected in a hierarchical manner that dictates the relationship between the different domains and the ways in which subjects within the different domains can communicate.
- Subjects can access resources in domains of equal or lower trust levels.