Security: access control
Self-tutoring about document security: the tutor mentions DAC vs MAC.
The following is according to my understanding.
In the context of document security, access control means control over who can read and/or change a given document. There are a few paradigms of how this might be accomplished.
People in educational settings might be familiar with DAC, or Discretionary Access Control. In such a scenario, the owner of the document sets who can view it or edit it. In some cases, there may be an administrator who sets general policies about which type of users can view or change which type of documents, but it’s up to the document’s owner to give specific permissions.
With Mandatory Access Control, or MAC, the central administration designates each employee with a certain clearance level, and every document owned by said institution with its own level as well. When the employee’s level is greater than or equal to the document’s level, the employee can read the document. Just as likely the documents can’t be edited without special-case authority.
Mandatory Access Control is the system in place if documents are labeled “Secret” or “Top Secret.” It’s used when security is the highest priority. Discretionary Access Control is used when documents are created and edited spontaneously, so flexibility is more important than security.
Source:
syteca.com: Mandatory Access Control vs Discretionary Access Control: Which to Choose?
Jack of Oracle Tutoring by Jack and Diane, Campbell River, BC.
Leave a Reply
You must be logged in to post a comment.