Discretionary Access Control (DAC)

Comments Off on Discretionary Access Control (DAC) 12

A means of restricting access to Resources based on the identity of persons and/or groups to which they belong. The controls are discretionary in the sense that a person with certain access permission is capable of passing that permission (perhaps indirectly) on to any other person (unless restrained by Mandatory Access Control). An example of DAC would be the access awarded to the payroll department to view payroll information.

© 2020 CISOHandbook.com - Privacy Policy

Back to Top