You work in the IT department at a government agency and are responsible for implementing security measures to regulate who or what can view or use resources in the agency's information system. What type of security measure is used to regulate who or what can view or use resources in an information system?