Which of the following access control models uses a predefined set of access privileges for an object of a system?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The answer to the question is D. Discretionary Access Control.
Discretionary Access Control (DAC) is a type of access control model that grants or restricts access to system resources based on the identity of users and the groups they belong to. In DAC, the owner of an object has the discretion to grant or deny access to the object to other users or groups.
In DAC, the access control privileges are predefined for an object in the system. The owner of the object can set access control privileges for individual users or groups to access the object. These access control privileges include read, write, execute, and delete permissions.
The owner of the object has full control over the access control privileges, and they can modify or revoke these privileges at any time. The access control privileges are discretionary because the owner has the discretion to grant or deny access to the object.
For example, in a file-sharing system, the owner of a file can set access control privileges for individual users or groups to access the file. The owner can set read-only access for some users and read-write access for others. The owner can also revoke access to the file at any time.
Role-Based Access Control (RBAC) is another access control model that grants or restricts access to system resources based on the role of users. Mandatory Access Control (MAC) is a more strict access control model that grants or restricts access to system resources based on a set of rules defined by the system administrator. Policy Access Control (PAC) is not a commonly used access control model, and there is not a standard definition of it in the field of information security.