Understanding Access Control
The three primary methods of access control are as follows:
Mandatory Access Control (MAC) All access is predefined.
Discretionary Access Control (DAC) Incorporates some flexibility.
Role-Based Access Control (RBAC) Allows the user’s role to dictate access capabilities.
A fourth method, Rule-Based Access Control (which also uses the RBAC acronym) is gaining in popularity. Each of these methods has advantages and disadvantages to the organization from a security perspective.
The method you choose will be greatly affected by your organization’s beliefs about how information needs to be shared. In a high-security environment, the tendency would be to implement either a MAC or RBAC method. In a traditional business ...
Get CompTIA® Security+™: Study Guide, Fifth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
