Access Control Lists (ACLs): Definition & Purpose

Instructor: Beth Hendricks

Beth holds a master's degree in integrated marketing communications, and has worked in journalism and marketing throughout her career.

Access control lists help organizations control how and what users have permission to access on a network. In this lesson, you'll learn more about access control lists, how they function and see an example in action.

Getting Permission

Remember those field trips you used to take in elementary school? Maybe it was to the zoo or a museum and you likely looked forward to it for weeks or months. In order to attend, however, you had to have a permission slip signed by your parent or guardian giving the teacher and school consent to take you off on the excursion. Without that permission slip, you weren't allowed to attend. Cue sad face.

In the computer science and information technology world, there are certain types of ''permission slips'' as well that give end users permission to access different types of systems and files at a business. Let's talk a bit more about these.

Understanding ACLs

The permission-based system we're talking about in this lesson has to do with access control lists, sometimes abbreviated ACL. This is a more sophisticated ''permission slip'' system that tells a computer system how much access to give to a user. An access control list can control rights and privileges to anything from a network device to file storage systems and everything in between. In short, this list includes all of the information necessary to govern what level of access each person in an organization has.

Think about an access control list as a type of spreadsheet attached to a system object. On the spreadsheet, you have a list of all of the users who have access to that system. Alongside each user's name, you have the level of access privileges each person has been granted. For example, some employees may receive administrator privileges, while others are simply included at the basic user level. Most ACLs are designed in complex matrices, or arrays of numbers rather than a simple spreadsheet, however.

The great thing about access control lists lies in its ability to prevent unauthorized access to vulnerable services by identifying systems and specifying which users, protocols, or services are allowed. A hospital, for instance, might limit the types of employees who have access to sensitive patient data, while giving broader access privileges to medical personnel who interact directly with patients. This offers added security layers for organizations.

Common access privileges must be given to read a file, to edit it or make changes or to share it outside of an organization. Different types of access can be granted for devices, files, programs, or even domains on the network.

Control on Google Drive

Today, many organizations utilize the features of Google Drive to help their businesses run. Google Drive offers companies a cloud storage option for files, photos and documents used by employees across their organization.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 160 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Create an account to start this course today
Try it risk-free for 30 days!
Create An Account