Access Control

Roles: permission, credential, scope, rotation, revocation, token, principal, resource

The system of rules determining who or what can access which resources, and under what conditions. As a target domain in computing, access control absorbs metaphors from physical security (keys, locks, vaults), authority structures (principals, delegates), and spatial reasoning (zones, scopes, boundaries). The domain manages identity, authentication, and authorization — three concerns that physical security collapses into one (possession of a key) but digital systems must separate.

Applied To This Frame (2)

• physical-security → Permissions Are Keys
• performance → Roles Are Theatrical Costumes