Controlling who has access to a computer or online service and the information it stores.
NIST: The process of granting or denying specific requests for or attempts to: 1) obtain and use information and related information processing services; and 2) enter specific physical facilities.
Adapted from: CNSSI 4009
(Also see Access Control Mechanism)
