access 制御
DAC (discretionary access control)
MAC (mandatory access control)
ReBAC (relation-based access control)
ABAC (atribute-based access control)。PBAC (policy-based access control)。CBAC (claims-based access control)
attribute
subject attribute
action attribute
object attribute
contextual (environment) attribute
point
PEP (policy enforcement point)
PDP (policy decision point)
PIP (policy information point)