In the fields of physical security and information security, access control is the selective
restriction of access to a place or other resource. The act of accessing may mean consuming,
entering, or using. Permission to access a resource is called authorization（授权）.
An access control mechanism（  ）between a user （or a process executing on behalf of
a user） and system resources, such as applications, operating systems, firewalls; routers, files,
and  databases.  The  system  must first authenticate（验证）a user seeking access. Typically  the authentication function determines whether the user is  （  ） to access the system at all.
Then the access control function determines if the specific requested access by this user is
permitted. A security administrator maintains an authorization database that specifies what type
of access to which resources is allowed for this user.  The access control function consults this
database to determine whether to（  ） access. An auditing function monitors and keeps a
record of user accesses to system resources.                                                                             
In practice, a number of（  ）may cooperatively share the access control function. All
Operating systems have at least a rudimentary（基本的）.and in many cases a quite robust, access
control component. Add-on security packages can add to the （  ）access control capabilities
of the OS. Particular applications .or utilities, such as a database management system, also
incorporate access control functions. External devices, such as firewalls, can also provide access
control services .