What is the process of controlling access to resources such as computers, files, or printers called?

The process of controlling access to resources such as computers, files, or printers is known as authorization. This involves determining whether a user has the right to access a particular resource after they have been authenticated. Authorization ensures that users are granted permissions based on their identity, roles, or attributes, allowing for a structured and secure method of resource management.

When a user attempts to access a resource, the system first verifies their identity through authentication. Once authenticated, the system checks the user's permissions and decides if access should be granted or denied based on the predefined access control policies. This is vital for protecting sensitive information and ensuring that only authorized personnel have access to certain resources, aligning with principles of least privilege and need-to-know.

In contrast to this, mandatory access control refers to a strict policy model where access rights are regulated by a central authority based on multiple levels of security. Authentication is the process of verifying a user's identity, and conditional access involves policies that determine access based on certain conditions or contexts, such as user location or device status. These concepts are related to access control but represent different aspects of the broader security framework.