Permission
What Is Permission?
In computer systems and information security, permission is the authorization granted to a subject, such as a user, process, or service, to perform a specific operation on a protected resource, such as a file, device, network socket, or database table. Permissions define the boundary between allowed and denied actions and are the primary mechanism by which operating systems, file systems, and applications enforce security policies. Each permission is typically represented as a right tied to a subject-object-operation triple: for example, read access for a given user on a particular directory.
The concept draws on formal models from computer security research, operating system design, and access control theory. Landmark work by Saltzer and Schroeder in the 1970s formalized principles such as least privilege and complete mediation that continue to guide permission system design in modern platforms from mobile devices to cloud infrastructure.
Access Control Models
The access control matrix, proposed by Lampson in 1971, is the foundational formal model for permissions: a two-dimensional table in which rows represent subjects, columns represent objects, and each cell lists the operations the subject may perform on that object. Because storing a complete matrix is impractical for large systems, two derived representations are used in practice. An access control list (ACL) stores, for each object, the set of subjects permitted to access it and under what conditions; POSIX file permissions and Windows NTFS permissions are ACL implementations. A capability list stores, for each subject, the set of objects it is authorized to access. Role-based access control (RBAC), standardized in NIST Special Publication 800-192 and published by ACM in a foundational survey, assigns permissions to roles rather than individual users, then assigns users to roles based on job function, reducing administrative overhead in large organizations.
Permission Enforcement Mechanisms
Permissions are enforced by a reference monitor, a trusted subsystem that intercepts every access request and checks it against the authorization policy before allowing the operation. In Unix-derived operating systems, the kernel enforces permissions on every system call that touches a protected resource; file permissions are encoded in inode metadata as owner, group, and other bits, each with read, write, and execute flags. In attribute-based access control (ABAC) systems, the policy engine evaluates Boolean conditions over subject attributes (user department, clearance level), object attributes (data classification), and environmental attributes (time of day, network location) to reach an allow or deny decision. The ACM Computing Surveys empirical analysis of access-control systems examines how these enforcement models perform across real-world deployments, identifying common misconfigurations and privilege escalation paths that arise when permission policies grow complex.
Principle of Least Privilege
The principle of least privilege states that a subject should hold only the permissions required to accomplish its current task and no more. Saltzer and Schroeder's 1975 paper, archived at the University of Virginia, introduced this principle alongside complete mediation and open design as properties of secure systems. Operating systems implement least privilege through mechanisms such as Unix setuid bits, Linux capabilities (which divide superuser privileges into granular rights), and Windows integrity levels. Container and microservice architectures apply least privilege at the service level by granting each service only the network ports, file paths, and API scopes it specifically requires. Auditing permission grants over time is necessary because privilege creep, the accumulation of unneeded permissions as users change roles, routinely produces security exposures in enterprise environments.
Applications
Permissions have applications across a wide range of computing and information security contexts, including:
- Operating system file and process isolation
- Cloud identity and access management (IAM) policy enforcement
- Mobile application runtime permission models for sensors and location data
- Database row-level and column-level security
- OAuth 2.0 authorization scopes in web API ecosystems