<P> In some models, for example the object - capability model, any software entity can potentially act as both subject and object . </P> <P> As of 2014, access - control models tend to fall into one of two classes: those based on capabilities and those based on access control lists (ACLs). </P> <Ul> <Li> In a capability - based model, holding an unforgeable reference or capability to an object provides access to the object (roughly analogous to how possession of one's house key grants one access to one's house); access is conveyed to another party by transmitting such a capability over a secure channel </Li> <Li> In an ACL - based model, a subject's access to an object depends on whether its identity appears on a list associated with the object (roughly analogous to how a bouncer at a private party would check an ID to see if a name appears on the guest list); access is conveyed by editing the list . (Different ACL systems have a variety of different conventions regarding who or what is responsible for editing the list and how it is edited .) </Li> </Ul> <Li> In a capability - based model, holding an unforgeable reference or capability to an object provides access to the object (roughly analogous to how possession of one's house key grants one access to one's house); access is conveyed to another party by transmitting such a capability over a secure channel </Li>

An older type of door access system might use a proximity sensor