← Cybersecurity Alphabet Soup

DAC

Discretionary Access Control

identitymedium

Under DAC, the owner of a resource decides who else can access it, for example by setting file permissions or sharing a document. It is the default model in most operating systems because it is simple and flexible. The tradeoff is that owners can grant access carelessly, so it offers weaker guarantees than mandatory models.

Sources

More in identity