Which component ensures that only authorized users can access sensitive resources?

Access control is the mechanism that enforces who can do what with which resources. It starts with authenticating a user to confirm identity, then authorizing actions based on policies, roles, or attributes to grant or deny access. This direct enforcement is what prevents unauthorized users from reaching sensitive resources, by checking permissions before allowing actions like read, write, or execute. Tools and models such as access control lists, role-based access control, and attribute-based access control implement these policies at the point where access decisions are made. Boundary control governs traffic between networks and isn’t focused on individual user privileges; cryptography secures data but doesn’t determine who may access resources; a DMZ is a network zone for publicly accessible services and does not enforce internal resource access rights.