In a security context, subject is normally a user but could be a process, computer or an organisation. A subject is active. It always receives information about, or data from, the object.
On the other hand, an object is the entity that always provides or hosts information or data.
A process accessing a database is a subject whereas the database and its components are objects.
The two roles of subject and object can switch while two entities communicate to accomplish a task.
No comments:
Post a Comment