A group of developers is collaborating to write software for a company.
The developers need to work in subgroups and control who has access to their modules.
Which of the following access control methods is considered user-centric?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The access control method that is considered user-centric is Discretionary Access Control (DAC).
Discretionary Access Control (DAC) is an access control model that allows the owner or creator of a resource to control who has access to that resource. In DAC, the owner or creator of a resource is responsible for granting or denying access to that resource. This is in contrast to other access control models, such as mandatory access control, where access is determined by a central authority or rule-based access control, where access is determined by pre-defined rules.
In the context of the scenario given, the developers need to work in subgroups and control who has access to their modules. With DAC, each developer can control access to their modules, allowing them to work in subgroups and granting access to only those who need it.
Time-based access control (A) is an access control model that limits access to a resource based on a pre-defined time period. Rule-based access control (C) is an access control model that limits access to a resource based on pre-defined rules. Mandatory access control (B) is an access control model that assigns a security label to a resource based on the sensitivity of the resource and the clearance level of the user.
Therefore, the correct answer is D. Discretionary Access Control (DAC).