1. Permission for a subject to access a particular object for a specific type of operation. Note: An example of an access right is the permission for a process to read a file but not write to it. [2382-pt.8]2.Authorization of access. Notes: [a] Access rights may be more or less explicit, both in the granularity of definition of subjects and objects used in implementing the security policy and in authorization of different types of access (eg read, write, execute), [b] Within a given context (for example within an Electronic Security Environment or a database) access rights exist insofar as they are not denied. See also: Need-to-Know, Least Privilege [CESG].