Discretionary access control
Discretionary access control (DAC) is an access policy determined by the owner of an object. The owner decides who is allowed to access the object and what privileges they have.
Two important concepts in DAC are
- File and data ownership: Every object in the system has an owner. In most DAC systems, each object’s initial owner is the subject that caused it to be created. The access policy for an object is determined by its owner.
- Access rights and permissions: These are the controls that an owner can assign to other subjects for specific resources.
Access controls may be discretionary in ACL-Based (Access Control List) or Capability-Based access control systems. (In capability-based systems, there is usually no explicit concept of ‘owner’, but the creator of an object has a similar degree of control over its access policy.)
September 9th, 2010 at
I found this information usefull.
September 9th, 2010 at
I found this information usefull.