[i] Access Control) - (definition:: Process of granting or denying access to resources based on defined policies and permissions) - (subject:: Cybersecurity
Types of Access Control
There are two main types of access control.
Discretionary Access Control (DAC)
Discretionary Access Control Definition
[i] Discretionary Access Control) - (definition:: The owner of the resource has the discretion to determine who has access and what permissions they have) - (subject:: Cybersecurity
Discretionary Access Control Example
A good example of DAC would be a document shared on Microsoft 365 or GSuite. As the owner of the resource, you can share the file with specific email addresses.
Mandatory Access Control (MAC)
Mandatory Access Control Definition
[i] Mandatory Access Control) - (definition:: Access is controlled by a system based on predefined security policies, not the resource owner) - (subject:: Cybersecurity
Mandatory Access Control Example
Using the same analogy as Discretionary Access Control (DAC), MAC would be if that file is in a shared folder or filespace. In that case, that file is automatically shared with the users that have access to the shared folder.
[i] Access Control List (ACL)) - (definition:: A list used to define and manage access permissions for resources like files, folders, or network devices) - (subject:: Cybersecurity
Access Control List (ACL)
ACLs contain a list of security principals (users, groups, and system accounts) and the specific permissions granted to each.
When a user attempts to access a resource, the system checks the ACL to determine whether the user is allowed the requested access. If the user is not on the list or has insufficient permissions, access is denied.
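The check described above, as an added example that is not part of the original notes. The principal names, group memberships and permission names are constructed, and the sketch assumes allow-only entries where a user's effective permissions are the union of their own entry and their groups' entries.

```python
from dataclasses import dataclass, field

# Constructed sample directory: group name -> member user names (hypothetical).
GROUPS = {"finance": {"alice", "bob"}, "auditors": {"carol"}}

@dataclass
class ACL:
    # (kind, name) principal -> permissions granted to that principal
    entries: dict = field(default_factory=dict)

    def grant(self, kind, name, *perms):
        self.entries.setdefault((kind, name), set()).update(perms)

def principals_for(kind, name, groups):
    """The caller's own principal plus, for users, every group they belong to."""
    found = {(kind, name)}
    if kind == "user":
        found |= {("group", g) for g, members in groups.items() if name in members}
    return found

def check_access(acl, kind, name, requested, groups=GROUPS):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    matched = principals_for(kind, name, groups) & set(acl.entries)
    if not matched:
        return False, "not on list"
    effective = set()
    for principal in matched:
        effective |= acl.entries[principal]
    missing = set(requested) - effective
    if missing:
        return False, "insufficient permissions: " + ", ".join(sorted(missing))
    return True, "granted"

# Constructed ACL for one resource, e.g. a quarterly report file.
report_acl = ACL()
report_acl.grant("user", "alice", "read", "write")
report_acl.grant("group", "auditors", "read")
report_acl.grant("system", "svc-backup", "read")

if __name__ == "__main__":
    for who, want in [(("user", "alice"), ["read", "write"]),
                      (("user", "carol"), ["read"]),
                      (("user", "carol"), ["write"]),
                      (("user", "bob"), ["read"]),
                      (("system", "svc-backup"), ["read"])]:
        print(who, want, check_access(report_acl, *who, want))
```

Note that bob is a member of a group, but that group has no entry on this ACL, so he is denied as "not on list".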