Ambient Authority Ambient authority is a term used in the study of access control systems.
A subject, such as a computer program, is said to be using ambient authority, if making a request that only specifies the names of the object(s) involved and the operation to be performed on them, is enough for a permitted action to succeed.
In this definition:
• a “name” is any way of referring to an object that does not itself include authorising information, and could potentially be used by any subject;
• an action is “permitted” for a subject if there exists any request that subject could make that would cause the action to be carried out.
The authority is “ambient” in the sense that it exists in a broadly visible environment (often, but not necessarily a global environment) where any subject can request it by name.
