Date recorded 27 September 2011
Classic security uses access control, and, essentially, that does not work. Current systems are designed to say “no” and otherwise limit access, while another reason is code bugs. Real-world security currently is retroactive, an example being the financial system, in which mistakes or breaks can be undone after they occur. Typical access controls consist of both physical and principal boundaries, isolation of an item or information, control of access into this isolation, and policies stating who can have access.
©2012 Microsoft Corporation. All rights reserved.