Scribd
Upload
182 views2 pages

Discretionary Access Control

Discretionary access control (DAC) allows system owners to control access to resources by using access control lists (ACLs) to define user and group permissions. The DAC process involves identifying and authenticating users, checking their ACL to authorize access, granting access if authorized, and auditing access attempts and actions. DAC provides owners control over access, segmentation of resources by user roles, and flexibility to change permissions with accountability through auditing.

Uploaded by

Romildo Klement
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
182 views2 pages

Discretionary Access Control

Discretionary access control (DAC) allows system owners to control access to resources by using access control lists (ACLs) to define user and group permissions. The DAC process involves identifying and authenticating users, checking their ACL to authorize access, granting access if authorized, and auditing access attempts and actions. DAC provides owners control over access, segmentation of resources by user roles, and flexibility to change permissions with accountability through auditing.

Uploaded by

Romildo Klement
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Discretionary access control

Discretionary access control (DAC) is a type of access control system that allows the owner or
administrator of a system to determine who can access certain resources and data. This tutorial
will introduce you to the basics of discretionary access control, its features, and how it works.

Features of Discretionary Access Control

The main features of discretionary access control are as follows:

1. Owner-controlled access: The owner or administrator of a system determines who has access
to data and resources.

2. Access control lists: Access control lists (ACLs) are used to define the permissions of users
and groups.

3. Secure storage: The system stores the permissions and the data in a secure manner to prevent
unauthorized access.

4. User-based access: Users are granted access to data and resources based on their identity.

How Discretionary Access Control Works

The process of discretionary access control involves these steps:

1. Identification: Users are identified through their credentials, such as usernames and passwords.

2. Authentication: Users are authenticated to ensure that they are who they claim to be.

3. Authorization: The system checks the user's access control list (ACL) to determine whether
they are authorized to access the data or resources.

4. Access: Once the user is authorized, they are granted access to the data or resources.

5. Auditing: The system keeps a record of who accessed the data or resources and what actions
were taken.

Benefits of Discretionary Access Control

The main benefits of discretionary access control are as follows:

1. Control: Owners or administrators have complete control over who has access to data and
resources.

2. Segmentation: Data and resources can be segmented based on user roles, which provides a
more granular level of control.
3. Flexibility: Permissions can be granted and revoked as needed, which provides greater
flexibility and adaptability.

4. Accountability: Auditing and logging features provide accountability and a record of user
activity.

Conclusion

Discretionary access control provides a powerful way to control access to data and resources. By
understanding how it works and its features and benefits, you can build robust and secure
systems that protect your data and resources from unauthorized access.

You might also like