DAC

DAC

Discretionary access control (DAC) is a type of access control that allows the data owner to define and control access to their data. In DAC, the data owner has discretion over who can access the data and to what extent they can access it. This means that the users themselves are responsible for defining their own access control.From: The Handbook of Ad Hoc Wireless Networks [2019], The concept of improving the security of IT systems supporting the storage of knowledge in organizations [2022]

Access Control Methods in Cloud Enabledthe Cloud-Enabled Internet of Things

View Chapter

Purchase Book

Published in N. Jeyanthi, Kun Ma, Thinagaran Perumal, R. Thandeeswaran, Managing Security Services in Heterogenous Networks, 2020

B. Ravinder Reddy, T. Adilakshmi, C. Pavan Kumar

DAC refers to restricting or permitting access based on the group to which the initiator of the action belongs. For example, a user belonging to group A may or may not be given permission to access some set of files based on his or her membership in group A.

The concept of improving the security of IT systems supporting the storage of knowledge in organizations

View Article

Journal Information

Published in Systems Science & Control Engineering, 2022

Paweł Moszczyński, Maciej Moszczyński, Patrycja Bryczek-Wróbel, Michał Kapałka, Tomasz Drozdowski, Jarosław Wróbel

Another look at the access control issue is discretionary access control DAC – where the data owner decides who and to what extent will have access to it. The data creator is usually considered the data owner. In this model, the owner can delegate his rights to any entity in the system. This access control model is much less restrictive compared to MAC. Its weak point is the fact that it depends on the system users how the data is protected, so it is quite easy to lose control over the level of access control to data in the system.

Explore chapters and articles related to this topic

Access Control Methods in Cloud Enabledthe Cloud-Enabled Internet of Things

The concept of improving the security of IT systems supporting the storage of knowledge in organizations