Access control matrix
Access control matrix: a simple way to describe who can do what with which objects in a computer system.
- It’s a formal model of protection state, showing the rights each subject has over every object.
- Origin: Butler W. Lampson in 1971.
- Picture it as a table: rows are subjects (users or processes), columns are objects (files, devices, memory). Each cell lists the actions a subject may perform on an object (like read, write, execute).
- Columns act like access control lists (ACLs) for objects; rows act like the subject’s profile of permissions.
- The model has three components: the objects to protect (O), the active subjects (S), and the rights (R). A right has the form r(s, o) and describes what subject s may do with object o.
- Example: imagine two processes, two assets, a file, and a device. Process 1 owns asset 1, can execute asset 2, read the file, and write to the device. Process 2 owns asset 2 and can read asset 1.
- Limitations: it only captures a static snapshot of permissions and can be memory-heavy if implemented as a full 2D table. It doesn’t explain how permissions change over time.
- In practice, two common mechanisms—capability-based security and access control lists—can model the same kinds of permissions. Treating ACLs as just column-based or capabilities as just row-based is not always accurate, since real systems also involve dynamic behavior.
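
The example above, worked through as code. This is an added illustration, not part of the original article: it stores the matrix sparsely (only non-empty cells, which avoids the full 2D table) and derives the column view (ACL) and row view (capability list) from the same state. The class name, method names and the identifiers process1, asset1 and so on are assumptions made for this sketch.

```python
class AccessMatrix:
    """Sparse protection state: only non-empty cells r(s, o) are stored."""

    def __init__(self):
        self._cells = {}  # (subject, object) -> frozenset of rights

    def grant(self, subject, obj, *rights):
        key = (subject, obj)
        self._cells[key] = self._cells.get(key, frozenset()) | frozenset(rights)

    def rights(self, subject, obj):
        # A missing cell means an empty set of rights: default deny.
        return self._cells.get((subject, obj), frozenset())

    def allowed(self, subject, obj, right):
        return right in self.rights(subject, obj)

    def acl(self, obj):
        # Column view: every subject holding at least one right on obj.
        return {s: r for (s, o), r in self._cells.items() if o == obj}

    def capabilities(self, subject):
        # Row view: every object the subject holds at least one right on.
        return {o: r for (s, o), r in self._cells.items() if s == subject}


def build_example():
    # Constructed from the two-process example in the text. "own" is kept
    # as a right of its own; the text does not say it implies other rights.
    m = AccessMatrix()
    m.grant("process1", "asset1", "own")
    m.grant("process1", "asset2", "execute")
    m.grant("process1", "file", "read")
    m.grant("process1", "device", "write")
    m.grant("process2", "asset2", "own")
    m.grant("process2", "asset1", "read")
    return m


if __name__ == "__main__":
    m = build_example()
    print("ACL for asset1:", m.acl("asset1"))
    print("Capabilities of process2:", m.capabilities("process2"))
    print("process2 may write device:", m.allowed("process2", "device", "write"))
```

Both views are projections of one snapshot; nothing here models how rights are granted or revoked over time, which is the limitation noted above.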
This page was last edited on 3 February 2026, at 03:50 (CET).