Discretionary access control

Posted on June 7th, 2010 by admin

Share |

Discretionary access control (DAC) is an access policy determined by the owner of an object. The owner decides who is allowed to access the object and what privileges they have.

Two important concepts in DAC are

File and data ownership: Every object in the system has an owner. In most DAC systems, each object’s initial owner is the subject that caused it to be created. The access policy for an object is determined by its owner.
Access rights and permissions: These are the controls that an owner can assign to other subjects for specific resources.

Access controls may be discretionary in ACL-Based (Access Control List) or Capability-Based access control systems. (In capability-based systems, there is usually no explicit concept of ‘owner’, but the creator of an object has a similar degree of control over its access policy.)

This entry was posted on Monday, June 7th, 2010 at and is filed under Access Control, Discretionary access control. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Discretionary access control”

Bruno Liehr Says:
September 9th, 2010 at
I found this information usefull.
Sunday Bohol Says:
September 9th, 2010 at
I found this information usefull.

* Mandatory Fields

Name

Email *

Phone number *

Question * (Max. 250 characters)

Security Key *

Discretionary access control

2 Responses to “Discretionary access control”

Leave a Reply

Search

Categories

Tags

Ask For An Expert Advice

Recent Posts

Archives