An Access Control List (ACL) is a security mechanism used in computer systems, networks, and applications to control access to resources. It defines rules that specify which users or systems are allowed (or denied) access to certain resources, such as files, directories, or network services.
Each entry in an ACL is called an Access Control Entry (ACE). An ACE contains the following fields:
- Subject: The entity requesting access (e.g., a user, group, or process).
- Action: The type of operation being performed (e.g., read, write, execute).
- Resource: The object being accessed (e.g., a file, directory, or network segment).
- Permission: Specifies whether the action is allowed or denied.
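To show how those four ACE fields combine into an access decision, here is an added example (not code from the original page) of a small file-system-style ACL evaluator. It assumes ordered first-match evaluation and default deny when no ACE matches; the group table, paths and rules are constructed for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatch


@dataclass(frozen=True)
class ACE:
    """One Access Control Entry: subject, action, resource, permission."""
    subject: str     # user name, "group:<name>", or "*" for anyone
    action: str      # "read", "write", "execute", or "*" for any action
    resource: str    # path pattern, e.g. "/etc/*"
    permission: str  # "allow" or "deny"


# Constructed group membership table (assumption for the example).
GROUPS = {"admins": {"alice"}, "devs": {"alice", "bob"}}


def subject_matches(ace: ACE, user: str) -> bool:
    """Resolve the subject field against a user, expanding group references."""
    if ace.subject == "*":
        return True
    if ace.subject.startswith("group:"):
        return user in GROUPS.get(ace.subject[len("group:"):], set())
    return ace.subject == user


def evaluate(acl: list[ACE], user: str, action: str, resource: str) -> bool:
    """First matching ACE wins; if nothing matches, access is denied."""
    for ace in acl:
        if (subject_matches(ace, user)
                and ace.action in ("*", action)
                and fnmatch(resource, ace.resource)):
            return ace.permission == "allow"
    return False  # default deny


# Constructed ACL: the explicit deny is listed first so it takes precedence.
ACL = [
    ACE("*", "*", "/etc/shadow", "deny"),
    ACE("group:admins", "*", "/etc/*", "allow"),
    ACE("group:devs", "read", "/srv/app/*", "allow"),
    ACE("bob", "write", "/srv/app/logs/*", "allow"),
]

if __name__ == "__main__":
    print(evaluate(ACL, "alice", "read", "/etc/shadow"))  # False: deny matched first
    print(evaluate(ACL, "bob", "read", "/srv/app/config.yml"))  # True: via devs group
    print(evaluate(ACL, "carol", "read", "/srv/app/config.yml"))  # False: default deny
```

Reordering the ACL so the admins rule precedes the deny would let alice read /etc/shadow, which is why ACE ordering matters as much as the entries themselves.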
Types of ACLs:
- File System ACLs:
  - Used in operating systems to manage access to files and directories.
  - Example: NTFS ACLs in Windows or POSIX ACLs in Linux.
  - Permissions include read, write, and execute.
- Network ACLs:
  - Applied to control traffic flow in computer networks.
  - Found in routers, firewalls, and switches.
  - Permissions include allowing or denying packets based on IP addresses, protocols, or ports.
  - Example: ACLs in Cisco routers or AWS Security Groups.