Access Control Models

In the previous section, you learned some common ways that access should be limited such as by need-to-know, least privilege, and separation of duties. In this section, you will learn about four access control models: mandatory access control (MAC), discretionary access control (DAC), role-based access control (RBAC), and rule-based access control (RB-RBAC). Read the section in this article on access control models. Pay attention to the basis of each control model and the type of agency that would use each model. This article does not cover RBAC, but it will be discussed in a subsequent section.


  • An access control model is a framework that dictates how subjects access objects.
  • It uses access control technologies and security mechanisms to enforce the rules and objectives of the model.
  • There are three main types of access control models:
    • Discretionary,
    • Mandatory, and
    • Nondiscretionary (also called role-based).

Discretionary Access Control

  • The control of access is based on the discretion (wish) of the owner
  • A system that uses DAC enables the owner of the resource to specify which subjects can access specific resources
  • The most common implementation of DAC is through ACL’s which are dictated and set by the owners and enforced by the OS.
  • Examples: Unix, Linux, Windows access control is based on DAC
  • DAC systems grant or deny access based on the identity of the subject. The identity can be user identity or a group identity (Identity based access control)

Mandatory Access Control

  • This model is very structured and strict and is based on a security label (also known as sensitivity label) attached to all objects
  • The subjects are given security clearance by classifying the subjects as secret, top secret, confidential etc.) and the objects are also classified similarly
  • The clearance and the classification data is stored in the security labels, which are bound to the specific subject and object.
  • When the system makes a decision about fulfilling a request to access an object it is based on the clearance of the subject, the classification of the object and the security policy of the system
  • This model is used and is suitable for military systems where classifications and confidentiality is of at most important
  • SE Linux, by NSA, trusted Solaris are examples of this model
  • Security label are made up of a classification and categories, where classification indicates the security level and the categories enforce need to know rules.

Non-Discretionary or Role Based Access Control

  • A RBAC is based on user roles and uses a centrally administered set of controls to determine how subjects and objects interact.
  • The RBAC approach simplifies the access control administration
  • It is a best system for a company that has high employee turnover.
  • Note: The RBAC can be generally used in combination with MAC and DAC systems



Access Control Owner

Sec Policy enforced by


Data Owners



Operating Systems

Security Labels



Roles/ Functional Position


Creative Commons License This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.

Last modified: Saturday, November 21, 2020, 9:46 PM