Access Control Models Flashcards
Discretionary Access Control (DAC)
Concept: Access granted based on user identity.
Owner Control: The resource owner determines access.
Example: File permissions on a shared drive.
Mandatory Access Control (MAC)
Concept: Access determined by comparing user and data labels (clearances).
Security Labels: Assigned to both data and users.
Example: Military or government systems.
Role-Based Access Control (RBAC)
Concept: Permissions based on user roles, not individual identities.
Efficiency: Simplifies access management.
Example: Assigning roles (e.g., admin, user) in an organization.
Lattice-Based Access Control
Concept: Access is based on security classes or security labels.
A subject can read and write to an object that has the same security class. A subject cannot access an object that has a higher security class.