Access Controls

Discretionary Access Control (DAC) – A certain amount of access control is left to the discretion of the object’s owner, or anyone else who is authorized to control the object’s access. The owner can determine who should have access rights to an object and what those rights should be.

Mandatory Access Control (MAC) – Access control that requires the system itself to manage access controls in accordance with the organization’s security policies.

Role-based access control (RBAC) – An access control system that sets up user permissions based on roles.