Get the LinuxSecurity news you want faster with RSS
Powered By
Security Dictionary
Can't tell 'smtp' from 'snmp'? Find the precise meaning of these and hundreds of other security-related terms in our convenient and up-to-date Security Dictionary.
discretionary access control (DAC)
(I) An access control service that enforces a security policy
based on the identity of system entities and their authorizations
to access system resources. (See: access control list, identity-
based security policy, mandatory access control.)
(C) This service is termed "discretionary" because an entity might
have access rights that permit the entity, by its own volition, to
enable another entity to access some resource.
(O) "A means of restricting access to objects based on the
identity of subjects and/or groups to which they belong. The
controls are discretionary in the sense that a subject with a
certain access permission is capable of passing that permission
(perhaps indirectly) on to any other subject." [DOD1]
