Print this chapterPrint this chapter

Access Control Fundamentals

12. Access Control Models

12.1. Discretionary Access Control

  • The control of access is based on the discretion (wish) of the owner
  • A system that uses DAC enables the owner of the resource to specify which subjects can access specific resources
  • The most common implementation of DAC is through ACL’s which are dictated and set by the owners and enforced by the OS.
  • Examples: Unix, Linux, Windows access control is based on DAC
  • DAC systems grant or deny access based on the identity of the subject. The identity can be user identity or a group identity (Identity based access control)