Discretionary access control, frequently abbreviated to DAC, is the most widely used access control model.
Discretionary Access Control is based on Access Control List (ACL). The ACL lists which users have access to an object and what they can do with the object. For Access Control List (ACL), please refer to What is Access-control list (ACL) — Erion Xu — Medium
Under discretionary access control, an objects’ owner is in charge of access to it. Typically, the object’s owner is the person who created it. But an object’s owner can always decide to transfer ownership to someone else.
The biggest strength of DAC is its flexibility. DAC works perfectly for individuals and small teams. On the downside, discretionary access control tends to get unwieldy the larger the organization gets.
There are ways for larger organizations — the Role-Based Access Control model, in which users are grouped to simplify access control. For Role-Based Access Control (RBAC), please refer to What is role-based access control (RBAC) | by Erion Xu | Mar, 2023 | Medium
- https://www.sciencedirect.com/topics/computer-science/discretionary-access-control#:~:text=System%20Administrators%2C%202011-,Discretionary%20Access%20Control%20(DAC),will%20list%20users%20and%20permissions.
- https://en.wikipedia.org/wiki/Discretionary_access_control
- https://www.ekransystem.com/en/blog/mac-vs-dac
