Models of Access Control to Be Familiar with

Russell Thomas, Enterprise Security Mag | Monday, August 16, 2021

Access control systems are ubiquitous and serve a critical role in the management of identification and access (IAM).

FREMONT, CA: There are various types or varieties of access control to choose from when determining user access in information security. Here are a few access control models as follows:

Discretionary Access Control (DAC): Discretionary access control lets the owner of a file or system manages, give, and limit the permissions of others. Consider the process of creating a Google Sheets spreadsheet on Google Drive. The file owner can grant particular users access to the document, either to view it or to alter it. Additionally, he may configure it such that anyone with a link to the document can access it or open it to the public.

Access control lists (ACLs) are used extensively in DACs, frequently used in operating systems. These lists often contain information about specific individuals (or groups of individuals) and their access permission levels. Additionally, discretionary access controls are more adaptable and less restrictive than the following sort of access control. They are, however, the least secure technique, as access control is delegated to the file or system owner. Additionally, discretionary access controls are more adaptable and less restrictive than the following sort of access control.

Mandatory Access Control (MAC): Unlike DAC, obligatory access control is not discretionary and is solely determined by a central authority, such as a security administrator. The file owners and users have little to no control over who has access to their files.

MAC associates programs or degrees of access with users using labels (confidential, secret, top-secret, etc.) and clearances. Documents are labeled to indicate the degree of approval required to view, alter, or disclose them.

An administrator can define these access levels for individuals and groups of users, which the users themselves cannot change. This is the most stringent style of access control implemented by the United States government and military organizations to exert control over sensitive material.

Attribute-Based Access Control (ABAC): Attribute-Based Access Control (ABAC) enables associating individuals or groups with the types of data they can utilize within specific parameters. It facilitates the use of Boolean logic to develop more granular and flexible regulations.

Attributes may refer to particular specific features or requirements applied to persons (subject attributes) or objects (object attributes). Management levels, employee identifiers, and organizational positions are all instances of subject qualities.

See Also: Top Wireless Technology Solution Companies