The IT Law Wiki

Discretionary access control


Definition

Discretionary access control (DAC) is

[a] method of restricting logical access to information system objects (e.g., files, directories, devices, permissions, rules) based on the identity and need-to-know of users, groups, or processes.[1]
[a] means of restricting access to objects (e.g., files, data entities) based on the identity and need-to-know of subjects (e.g., users, processes) and/or groups to which the object belongs. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control).[2]
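The "passing that permission (perhaps indirectly)" clause of the second definition, as an added example that is not part of the cited sources: a toy Python model in which rights are granted at the holder's discretion. The class, the right names ("read", "write", "grant"), the subjects and the sample data are all assumptions made for illustration.

```python
# Added illustration: a toy DAC model. All names here are hypothetical.
class DAC:
    def __init__(self):
        self.data = {}   # object name -> contents
        self.acl = {}    # object name -> {subject: set of rights}

    def create(self, subject, name, contents):
        # The creator becomes owner and holds every right, including "grant".
        self.data[name] = contents
        self.acl[name] = {subject: {"read", "write", "grant"}}

    def allowed(self, subject, name, right):
        return right in self.acl[name].get(subject, set())

    def grant(self, grantor, name, grantee, rights):
        # Discretionary step: any holder of "grant" decides who else gets
        # access, limited to rights the grantor itself holds.
        held = self.acl[name].get(grantor, set())
        if "grant" not in held or not set(rights) <= held:
            raise PermissionError(f"{grantor} may not grant {sorted(rights)} on {name}")
        self.acl[name].setdefault(grantee, set()).update(rights)

    def read(self, subject, name):
        if not self.allowed(subject, name, "read"):
            raise PermissionError(f"{subject} may not read {name}")
        return self.data[name]

    def copy(self, subject, src, dst):
        # A reader can copy contents into a new object that it owns.
        self.create(subject, dst, self.read(subject, src))


def demo():
    dac = DAC()
    dac.create("alice", "report", "Q3 figures")       # constructed sample data
    dac.grant("alice", "report", "bob", {"read"})     # direct grant by the owner
    try:
        dac.grant("bob", "report", "carol", {"read"})  # bob holds no "grant" right
        direct = True
    except PermissionError:
        direct = False
    dac.copy("bob", "report", "report-copy")          # bob now owns a copy
    dac.grant("bob", "report-copy", "carol", {"read"})
    # carol never gained access to "report", yet reads its contents.
    return direct, dac.allowed("carol", "report", "read"), dac.read("carol", "report-copy")


if __name__ == "__main__":
    print(demo())
```

The model contains no mandatory policy, so nothing restrains the copy; that is the case the definition's closing parenthetical sets aside.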

References

  1. Tax Information Security Guidelines For Federal, State and Local Agencies, at 152.
  2. DCID 6/3, Glossary, App. B.
