Access control is the set of policies, mechanisms, and procedures designed to manage and restrict the interactions between subjects (such as users or processes) and objects (such as data, resources, or systems). It ensures that only authorized entities can perform specific actions on protected resources according to defined rules. As a research field and academic concept, it investigates models (e.g., Discretionary, Mandatory, Role-Based, Attribute-Based), policies, enforcement architectures, and verification methods for granting, denying, and revoking permissions. Its key characteristics involve identification, authentication, authorization, and accountability, making it fundamental for ensuring confidentiality, integrity, and availability of information systems and complying with security regulations.