DAC – Discretionary Access Control
DAC – Discretionary Access Control
is a security model that allows the owner of a resource to determine who can access and manipulate that resource.
- A resource has an ACL (Access Control List), with a list of permissions to users or groups.
- The usual permissions are: read, write, delete, and execute.
- It is the user who decides about the permissions.
- There is no central authority to manage the permissions.
- Pros: Fine-grained control, simplicity, flexibility
- Cons: Not suitable for large environments.