Definition:
… who is authorized to access to the product (both functionality and data), under what circumstances that access is granted, and to which parts of the product access is allowed.
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.