The type of discretionary access control (DAC) that is based on an individual's identity is also called:
Click on the arrows to vote for the correct answer
A. B. C. D.A.
An identity-based access control is a type of Discretionary Access Control (DAC) that is based on an individual's identity.
DACis good for low level security environment.The owner of the file decides who has access to the file.
If a user creates a file, he is the owner of that file.
An identifier for this user is placed in the file header and/or in an access control matrix within the operating system.
Ownership might also be granted to a specific individual.
For example, a manager for a certain department might be made the owner of the files and resources within her department.A system that uses discretionary access control (DAC) enables the owner of the resource to specify which subjects can access specific resources.
This model is called discretionary because the control of access is based on the discretion of the owner.
Many times department managers, or business unit managers , are the owners of the data within their specific department.
Being the owner, they can specify who should have access and who should not.
Reference(s) used for this question: Harris, Shon (2012-10-18)
CISSP All-in-One Exam Guide, 6th Edition (p.
220)
McGraw-Hill
Kindle Edition.
The correct answer is A. Identity-based Access Control.
Discretionary Access Control (DAC) is a security mechanism that allows users to control access to their own resources, such as files and folders. DAC is based on the discretion of the resource owner and allows them to grant or restrict access to others based on their own criteria. In DAC, access control decisions are made by the resource owner and are discretionary in nature, meaning that they are not governed by any set of rules or policies.
Identity-based Access Control (IBAC), also known as Identity-Based Access Management (IBAM), is a type of DAC that is based on an individual's identity. In IBAC, access control decisions are made based on the identity of the user or the group to which they belong. IBAC is often used in conjunction with other access control mechanisms, such as role-based access control (RBAC) and attribute-based access control (ABAC).
In IBAC, access control decisions are made based on the identity of the user or the group to which they belong. This means that access control decisions are based on the identity of the user, rather than on any specific rules or policies. For example, an employee might be given access to a particular folder because they belong to a certain group within the organization, or because they have been given a specific role that grants them access to certain resources.
In summary, IBAC is a type of discretionary access control that is based on an individual's identity, allowing access control decisions to be made based on the identity of the user or group to which they belong.