Discretionary Access Control

What Does Discretionary Access Control Mean?

Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object’s owner group and/or subjects. DAC mechanism controls are defined by user identification with supplied credentials during authentication, such as username and password. DACs are discretionary because the subject (owner) can transfer authenticated objects or information access to other users. In other words, the owner determines object access privileges.

Advertisements

Techopedia Explains Discretionary Access Control

In DAC, each system object (file or data object) has an owner, and each initial object owner is the subject that causes its creation. Thus, an object’s access policy is determined by its owner.

A typical example of DAC is Unix file mode, which defines the read, write and execute permissions in each of the three bits for each user, group and others.

DAC attributes include:

  • User may transfer object ownership to another user(s).
  • User may determine the access type of other users.
  • After several attempts, authorization failures restrict user access.
  • Unauthorized users are blind to object characteristics, such as file size, file name and directory path.
  • Object access is determined during access control list (ACL) authorization and based on user identification and/or group membership.

DAC is easy to implement and intuitive but has certain disadvantages, including:

  • Inherent vulnerabilities (Trojan horse)
  • ACL maintenance or capability
  • Grant and revoke permissions maintenance
  • Limited negative authorization power
Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Featured Content

3 Days Left to Join the Chimpzee Presale: Last Chance to Buy the Hot New Green Meme Coin Before Launch

Alan Draper5 months
dummy_img
Artificial Intelligence

Google Gemini Goes Live: Here’s What to Expect from the AI

Tim Keary5 months
dummy_img
Artificial Intelligence

Blockchain vs Deep Fakes: A Fair Fight in the Battle for Truth?

Arthur Cole5 monthsTechnology Writer
dummy_img
Artificial Intelligence

AI Video Game Testing: Is it a Turbo Boost For Quality Assurance?

Alessandro Mascellino5 monthsTechnology Journalist
dummy_img
Featured Content

New Low Market Cap Cryptocurrency Green Bitcoin ($GBTC) Begins Presale, Raises $275,000 In 24 Hours.

Alan Draper5 monthsEditor-in-Chief
dummy_img
Blockchain

Experts Roundtable: What DEXs Must Do Better for Adoption

Iliana Mavrou5 monthsCrypto Writer

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Investing
Investing
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
VoIP
VoIP
VPN
VPN