The process of allowing or restricting permissions of data and networks. Goal is to conform to Principle of Least Privilege. Tools ACL Whitelist Blacklist