What access control model allows the owner of the resources to define what users may access it?

Domain 5: Identity and Access Management (Controlling Access and Managing Identity)

Eric Conrad, ... Joshua Feldman, in CISSP Study Guide (Third Edition), 2016

Discretionary Access Controls (DAC)

Discretionary Access Control (DAC) gives subjects full control of objects they have created or been given access to, including sharing the objects with other subjects. Subjects are empowered and control their data. Standard UNIX and Windows operating systems use DAC for file systems: subjects can grant other subjects access to their files, change their attributes, alter them, or delete them.

If a subject makes a mistake, such as attaching the wrong file to an email sent to a public mailing list, loss of confidentiality can result. Mistakes and malicious acts can also lead to a loss of integrity or availability of data.

URL: https://www.sciencedirect.com/science/article/pii/B9780128024379000060

Information Gathering

Craig Wright, in The IT Regulatory and Standards Compliance Handbook, 2008

Discretionary Access Control

Discretionary Access Control (DAC) was originally defined by the Trusted Computer System Evaluation Criteria (TCSEC) as “a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control)”.

In practice the use of this terminology is not so clear-cut. In the strictest interpretation, each object controlled under a DAC must have an owner who controls the permissions that allow access to the object. Although many modern operating systems support the concept of an owner, this is not always implemented. In particular the standard does not cover “owners” leaving a problematic definition when group ownership occurs.

URL: https://www.sciencedirect.com/science/article/pii/B9781597492669000059

What Is Federated Identity?

Derrick Rountree, in Federated Identity Primer, 2013

2.3.2 Discretionary Access Control

DAC is based on Access Control Lists (ACLs). The ACL lists which users have access to an object and what they can do with that object. The ACL lists users and permissions. You specifically grant or deny permissions.

MAC systems use a more distributed administrative architecture. In a MAC model, access is determined by the object owner. So if you are the owner of an object, you have full control in determining who else can access that object.

Most PC operating systems use a MAC model. Figure 2.3 shows an example from a Windows 8 system. You can see the ACL for one of the folders on the system.

Fig. 2.3. Windows 8 folder permissions window.

DAC systems are generally easier to manage than MAC systems. The distributed administrative model puts less of a burden on the administrator. The administrator is not responsible for setting the permissions for every system.

DAC systems can be a little less secure than MAC systems. This is in part due to the distributed management model. Since the administrator does not control all object access, it’s possible that permissions could be set incorrectly, potentially leading to a breach of information. The administrator can get around this by setting up a group of systems that will only be managed by the administrator. These systems can be used to store more sensitive information.

URL: https://www.sciencedirect.com/science/article/pii/B9780124071896000029

Introduction to General Security Concepts

Derrick Rountree, in Security for Microsoft Windows System Administrators, 2011

Discretionary Access Control (DAC)

Discretionary Access Control is based on Access Control Lists (ACLs). The ACL lists which users have access to an object and what they can do with the object. The ACL will list users and permissions. You can give permissions or specifically deny permissions.

MAC systems use a more distributed administrative architecture. In a MAC model, access is determined by the object owner. So, if you are the owner of an object, you have full control in determining who else can access that object.

Most PC operating systems use a MAC model. Figure 1.11 shows an example from a Windows 7 system. You can see the Access Control List that is in place for one of the folders on the system.

Figure 1.11. Windows 7 folder permissions window.

DAC systems are generally easier to manage than MAC systems. The distributed administrative model puts less of a burden on the administrator. The administrator is not responsible for setting the permissions on all the systems.

DAC systems can be a little less secure than MAC systems. This is in part due to the distributed management model. Since the administrator does not control all object access, it's possible that permissions can be incorrectly set, possibly leading to a breach of information. The administrator can get around this by setting up a group of systems that will be managed only by the administrator. These systems can be used to store more sensitive information.

URL: https://www.sciencedirect.com/science/article/pii/B9781597495943000016

Authorization and Access Control

Jason Andress, in The Basics of Information Security (Second Edition), 2014

Access control methodologies

Access controls are the means by which we implement authorization and deny or allow access to parties, based on what resources we have determined they should be allowed access to. Although the term may sound very technical and oriented in the direction of high-security computing facilities, access controls are something we deal with on a daily basis.

When we lock or unlock the doors on our house, we are using a form of physical access control, based on the keys (something you have) that we use.

When we start our car, we are also likely to use a key. For some newer cars, our key may even include an extra layer of security by adding Radio Frequency Identification (RFID) tags, certificate-like identifiers stored on the key itself, and other security technologies.

Upon reaching our place of employment, we might use a badge or key (something you have) to enter the building, once again, a physical access control.

When we sit down in front of our computer at work and type in our password (something you know), we are authenticating and using a logical access control system in order to access the resources to which we have been given permission. Depending on the environments we pass through in the course of working, going to school, and performing the other activities that make up our day, we may have more or less exposure to access controls, but most of us see multiple implementations like these on a regular basis.

Access control models

There are quite a few different access control models we might run across in the different environments we access daily; we will cover the most common models here. The most likely set we will encounter in the security world includes discretionary access control, mandatory access control, rule-based access control, role-based access control, and attribute-based access control.

Discretionary access control

Discretionary access control (DAC) is a model of access control based on access being determined by the owner of the resource in question. The owner of the resource can decide who does and does not have access, and exactly what access they are allowed to have. In Microsoft operating systems, we can see DAC implemented. If we decide to create a network share, for instance, we get to decide who we want to allow access.

Mandatory access control

Mandatory access control (MAC) is a model of access control in which the owner of the resource does not get to decide who gets to access it, but instead access is decided by a group or individual who has the authority to set access on resources. We can often find MAC implemented in government organizations, where access to a given resource is largely dictated by the sensitivity label applied to it (secret, top secret, etc.), by the level of sensitive information the individual is allowed to access (perhaps only secret), and by whether the individual actually has a need to access the resource, as we discussed when we talked about the principle of least privilege earlier in this chapter.

URL: https://www.sciencedirect.com/science/article/pii/B9780128007440000038

Information Security

Jeremy Faircloth, in Enterprise Applications Administration, 2014

Discretionary Access Control

Discretionary Access Control is the most common access control model in use. This model bases security off of the identity of the access control subject. Every access control subject has specific permissions applied to it and based on these permissions has some level of authority.

This access control model is called discretionary because individual users or applications have the option of specifying access control requirements on specific access control objects that they own. In addition, the permission to change these access control requirements can also be delegated. As assigning access control permissions to the access control object is not mandatory, the access control model itself is considered discretionary. Basically, the owner of the access control object is allowed to decide how they want their data protected or shared. The primary use of DAC is to keep specific access control objects restricted from users who are not authorized to access them. The system administrator or end user has complete control over how these permissions are assigned and can change them at will.

DAC allows for a distributed access control system to be used because the owner of the access control object has the ability to change the access control permission on objects without regard to a central authority. Also, centralized access control systems can be used with this as a single authoritative point of authorization with the permissions still being applied at the object level. The ability to use different types of access control systems with this model gives it a great deal of flexibility.

As previously mentioned, this is a very common access control model. It is used in UNIX, Windows, Linux, and many other network operating systems. These systems use an access control list (ACL) to set permissions on access control objects. These ACLs are basically a list of user IDs or groups with an associated permission level. Every access control object has an ACL, even if it is left at the default after the object is created. Systems do vary in the way the permissions are defined in the ACLs and how the overall access control within the operating system, database, network device, or application works.

URL: https://www.sciencedirect.com/science/article/pii/B9780124077737000053

Access Controls

Lauren Collins, in Cyber Security and IT Infrastructure Protection, 2014

Discretionary Access Control

Discretionary access control (DAC), also known as file permissions, is the access control in Unix and Linux systems. Whenever you have seen the syntax drwxr-xs-x, it is the ugo abbreviation for owner, group, and other permissions in the directory listing. Ugo is the abbreviation for user access, group access, and other system users’ access, respectively. These file permissions are set to allow or deny access to members of their own group, or any other groups. Modification of files, directories, and devices is achieved using the chmod command. Tables 11.1 and 11.2 illustrate the syntax to assign or remove permissions. Permissions can be assigned using the character format:

Table 11.1. Notation to Add, Remove Access, and how to Explicitly Assign Access.

+    add access
-    remove access
=    access explicitly assigned

Table 11.2. Notation for File Permissions.

r    Permission to read file
     Permission to read a directory (also requires ‘x’)
w    Permission to delete or modify a file
     Permission to delete or modify files in a directory
x    Permission to execute a file/script
     Permission to read a directory (also requires ‘r’)
s    Set user or group ID on execution
u    Permissions granted to the user who owns the file
t    Set sticky bit. Execute file/script as a user root for regular user

chmod [ugoa][+-=][rwxXst] fileORdirectoryName

In DAC, usually the resource owner will control who accesses resources. Everyone has administered a system in which they decide to give full rights to everyone so that it is less to manage. The issue with this approach is that users are allowed not only to read, write, and execute files, but also to delete any files they have access to. This author has so often seen system files deleted in error by users, or simply by the user’s lack of knowledge. This is an instance where DAC could be seen as a disadvantage, or less advantageous.

URL: https://www.sciencedirect.com/science/article/pii/B9780124166813000112
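
The symbolic chmod notation from the excerpt above, as an added example that is not part of the quoted chapter: it applies +, - and = to constructed sample files, then audits for the "full rights to everyone" case the author describes and removes write access for other. The file names and function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: symbolic chmod modes and a world-writable audit.
# Works on a throwaway directory; all file names below are constructed.

mode_of() {                # print the 10-character mode string, e.g. -rw-r-----
    ls -ld "$1" | cut -c1-10
}

build_demo() {             # create sample files under $1 and set their modes
    d=$1
    mkdir -p "$d/shared"
    : > "$d/report.txt"; : > "$d/deploy.sh"; : > "$d/shared/notes.txt"

    # '=' assigns exactly: owner rw, group r, other nothing
    chmod u=rw,g=r,o= "$d/report.txt"

    # start from a known state, then '+' adds and '-' removes single bits
    chmod u=rw,g=r,o=r "$d/deploy.sh"
    chmod u+x,g+x,o-r "$d/deploy.sh"

    # the "full rights to everyone" shortcut described in the text
    chmod a=rwx "$d/shared" "$d/shared/notes.txt"
}

audit_world_writable() {   # list everything under $1 that 'other' may write
    find "$1" ! -type l -perm -0002 | sort
}

lock_down() {              # remove write access for 'other' on each finding
    audit_world_writable "$1" | while IFS= read -r p; do
        chmod o-w "$p"
    done
}

# Demonstration run on a temporary directory
demo=$(mktemp -d)
build_demo "$demo"
echo "report.txt: $(mode_of "$demo/report.txt")"
echo "deploy.sh:  $(mode_of "$demo/deploy.sh")"
echo "World-writable before lock_down:"
audit_world_writable "$demo"
lock_down "$demo"
echo "World-writable after lock_down: $(audit_world_writable "$demo" | wc -l)"
rm -rf "$demo"
```

On a real system, point `audit_world_writable` at a data directory first and review the list before running `lock_down`.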

An analysis of security access control on healthcare records in the cloud

P. Chinnasamy, ... K. Shankar, in Intelligent Data Security Solutions for e-Health Applications, 2020

Discretionary access control (DAC) for EHR

DAC is the first of these policies discussed in this section. It depends on client features as well as associations that are characterized. The right of entry is typically based on the client’s approved verification, which in turn is based on the classes submitted for approval and the personality of the controller to choose whether to approve or deny access to the application. The proprietor of the object depicts the theme that can pass the object so that the complete utilization of the item can be chosen by the object’s administrator [11,13]. This sort of access control is generally less secure than obligatory access control, although it is a well-known structure in operating systems of an organization. Although it is less secure, it is simple to utilize and is progressively versatile to suit the situations that don’t require the severe well-being of items. The DAC structure is shown in Fig. 4. The most significant element that can cause an issue with the system is that the proprietor can move his position to someone else.

Fig. 4. DAC model for EHR.

Data spillage is another issue in such a way that the control policies are resolved by requirements by an owner without checking the data of the users and it doesn’t recognize articles or subject areas. This access control depends on client or gathering control. While assigning permissions and constraints to clients rather than chipping away at a single user, it characterizes bunches that are controlled by the owner and introduces certain authorizations and limitations in it. This circumstance can cause genuine security spills in a situation in which the proprietor is not dependent.

URL: https://www.sciencedirect.com/science/article/pii/B9780128195116000066

Which access control model allows the asset owner to define permissions?

Role-Based Access Control (RBAC): The Role-Based Access Control (RBAC) model provides access control based on the position an individual fills in an organization. So, instead of assigning John permissions as a security manager, the position of security manager already has permissions assigned to it.

Which access control model allows users to control access to data as an owner of that data?

Discretionary access control (DAC) is an identity-based access control model that provides users a certain amount of control over their data. Data owners (or any users authorized to control data) can define access permissions for specific users or groups of users.

Which access control model allows the owner of a resource to establish privileges to the information they own and has non mandatory labels?

The DAC (Discretionary Access Control) model allows the owner of a resource to establish privileges to the information they own and has nonmandatory labels.

What are the 4 types of access control?

4 Types of Access Control:
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Rule-Based Access Control
Access Control from Four Walls Security