With protected subsystems,
you have a mechanism to provide conditional access to data that is
not available with traditional OpenVMS access controls. Traditionally,
you give users privileges to bypass protection codes or access control
lists (ACLs). In giving these privileges, however, you grant users
a wide class of access. (See the “Assigning Privileges” chapter for information on the power
different privileges carry.) Protected subsystems avoid extensive
privilege use by individual users.