Access Control Models Flashcards

1
Q

Discretionary Access Control (DAC)

A

Concept: Access granted based on user identity.
Owner Control: The resource owner determines access.
Example: File permissions on a shared drive.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Mandatory Access Control (MAC)

A

Concept: Access determined by comparing user and data labels (clearances).
Security Labels: Assigned to both data and users.
Example: Military or government systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Role-Based Access Control (RBAC)

A

Concept: Permissions based on user roles, not individual identities.
Efficiency: Simplifies access management.
Example: Assigning roles (e.g., admin, user) in an organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Lattice-Based Access Control

A

Concept: Access is based on security classes or security labels.
A subject can read and write to an object that has the same security class. A subject cannot access an object that has a higher security class.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly