An Access Control List (ACL) is a table that defines which users or systems have permissions to access specific resources and what actions they can perform. File system ACLs specify read, write, and execute permissions for files and directories. Network ACLs on routers and firewalls permit or deny traffic based on source, destination, port, and protocol.
ACLs implement discretionary access control at a granular level. Each resource can have different permissions for different subjects. Managing ACLs at scale becomes complex, which is why organizations often adopt role-based approaches that assign permissions through roles rather than individual ACL entries.
CISSP Relevance
ACLs appear in Domain 4 (Communication and Network Security) for network access control and Domain 5 (Identity and Access Management) for resource permissions. Understand how an ACL is structured, how ACLs implement discretionary access control (DAC), the order in which rules are processed, and the scalability challenges that led to the adoption of role-based access control (RBAC).
Network ACL concepts are covered in NIST SP 800-41 on Firewalls.
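The effect of rule order on a network ACL, as an added example that is not part of the original entry: it assumes first-match evaluation with an implicit deny when no rule matches, as typical router ACLs behave. The names (Rule, Packet, covers, evaluate, shadowed) are hypothetical and the addresses are constructed.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str           # "permit" or "deny"
    proto: str            # "tcp", "udp" or "any"
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # destination port, None = any port

class Packet(NamedTuple):
    proto: str
    src: str
    dst: str
    port: int

def covers(rule, proto, src, dst, port):
    """True if `rule` matches all traffic described by proto/src/dst/port."""
    net = ipaddress.ip_network
    return (rule.proto in ("any", proto)
            and net(src).subnet_of(net(rule.src))
            and net(dst).subnet_of(net(rule.dst))
            and rule.port in (None, port))

def evaluate(acl, pkt):
    """First matching rule decides; index None means the implicit deny applied."""
    for i, rule in enumerate(acl):
        if covers(rule, *pkt):
            return rule.action, i
    return "deny", None

def shadowed(acl):
    """Indices of rules that can never fire because an earlier rule covers them."""
    return [i for i, r in enumerate(acl)
            if any(covers(e, *r[1:]) for e in acl[:i])]

# Constructed sample: the same two rules in two different orders.
BROAD = Rule("permit", "tcp", "10.0.0.0/8", "192.0.2.0/24", None)
SSH_BLOCK = Rule("deny", "tcp", "10.1.2.0/24", "192.0.2.10/32", 22)
BROAD_FIRST = [BROAD, SSH_BLOCK]      # the deny rule is unreachable
SPECIFIC_FIRST = [SSH_BLOCK, BROAD]   # the deny rule takes effect

if __name__ == "__main__":
    ssh = Packet("tcp", "10.1.2.5", "192.0.2.10", 22)
    dns = Packet("udp", "10.1.2.5", "192.0.2.10", 53)
    for name, acl in (("broad-first", BROAD_FIRST), ("specific-first", SPECIFIC_FIRST)):
        print(name, evaluate(acl, ssh), evaluate(acl, dns), "shadowed:", shadowed(acl))
```

Running a shadow check like this over an exported rule set is one way to find entries that were added to restrict access but never take effect.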
Related terms: Access Control, Role-Based Access Control