[Free eBook] Computer Networking Concepts | Download Today

Discretionary Access Control (DAC)

Definition - What does Discretionary Access Control (DAC) mean?

Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object's owner group and/or subjects. DAC mechanism controls are defined by user identification with supplied credentials during authentication, such as username and password. DACs are discretionary because the subject (owner) can transfer authenticated objects or information access to other users. In other words, the owner determines object access privileges.

[Free Harvard Research Report] Getting Workers More Comfortable With Technology Beyond Productivity Gains

Techopedia explains Discretionary Access Control (DAC)

In DAC, each system object (file or data object) has an owner, and each initial object owner is the subject that causes its creation. Thus, an object's access policy is determined by its owner.

A typical example of DAC is Unix file mode, which defines the read, write and execute permissions in each of the three bits for each user, group and others.

DAC attributes include:

User may transfer object ownership to another user(s).
User may determine the access type of other users.
After several attempts, authorization failures restrict user access.
Unauthorized users are blind to object characteristics, such as file size, file name and directory path.
Object access is determined during access control list (ACL) authorization and based on user identification and/or group membership.

DAC is easy to implement and intuitive but has certain disadvantages, including:

Inherent vulnerabilities (Trojan horse)
ACL maintenance or capability
Grant and revoke permissions maintenance
Limited negative authorization power

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Recommended Resources

Related Articles

Immersive Graphical Displays of Information: How Mixed Reality Technology is Changing the Game

National Entrepreneurs' Day: 5 Ways You Can Avoid AI Startup Failure

How IoT Can Compromise Your Home's Safety and Security

How IoT Can Make Your Home Safer and More Secure

Understanding Privacy Risks and Benefits of Skype Communication

Top 5 Ways to Organize the Data You Need in 2020

Featured Q&A

More of your questions answered by our Experts

Resources

The Ultimate Guide to Applying AI in Business

The Ultimate Guide to Applying AI in Business:

[Free Report] Salesforce CRM vs. Oracle Sales Cloud

[Free Report] Salesforce CRM vs. Oracle Sales Cloud:

[Free eGuide] No Bugs, No Stress - Your Step by Step Guide to Creating Life-Changing Software Without Destroying Your Life

[Free eGuide] No Bugs, No Stress - Your Step by Step Guide to Creating Life-Changing Software Without Destroying Your Life:

Free Download: Machine Learning and Why It Matters

Free Download: Machine Learning and Why It Matters:

[Techopedia Exclusive] Increase DevOps team productivity and efficiency.

[Techopedia Exclusive] Increase DevOps team productivity and efficiency.:

FREE DOWNLOAD: AI and ML in the Oil and Gas Industry

FREE DOWNLOAD: AI and ML in the Oil and Gas Industry:

AI in the Insurance Industry: 26 Real-World Use Cases

AI in the Insurance Industry: 26 Real-World Use Cases:

FREE WEBINAR | Managing Multiple Database Roles: How Many Hats Do You Wear?

FREE WEBINAR | Managing Multiple Database Roles: How Many Hats Do You Wear?:

Latest Articles

Immersive Graphical Displays of Information: How Mixed Reality Technology is Changing the Game

National Entrepreneurs' Day: 5 Ways You Can Avoid AI Startup Failure

How IoT Can Compromise Your Home's Safety and Security

How IoT Can Make Your Home Safer and More Secure

Understanding Privacy Risks and Benefits of Skype Communication