---
id: agent-brief/model-access-control
artifact_id: model/access-control
source_path: models/access-control/InfoTechCanonAccessControlModel.md
source_kind: model
generated: true
---

<!-- GENERATED by info_tech_canon; do not edit by hand. -->

# Agent Brief: InfoTechCanon Access Control Model

- Artifact ID: `model/access-control`
- Kind: `model`
- Canonical path: `models/access-control/InfoTechCanonAccessControlModel.md`
- Full source: `models/access-control/InfoTechCanonAccessControlModel.md`
- Summary: Domain model used by canon profiles and standards: InfoTechCanon Access Control Model.

## Retrieval Hints

Imports and anchors:
- `kernel/itc-core`
- `model/governance`
- `model/organization`

## Owned Concepts

- `InfoTechCanon Access Control Model`

## Related Distinctions

- **Actor vs Subject vs Principal**: Use actor for the acting entity in a context, subject for the entity a policy evaluates, and principal for the authenticated identity bound to access decisions.
- **Organization Role vs AccessRole vs CARING role**: Organization roles describe responsibility or position; access roles describe permissions; CARING roles classify access-governance needs and analysis.