0
7.4kviews
Compare and contrast discretionary access control and mandatory access control
1 Answer
0
41views

Discretionary access control

  1. Subjects have full control of the objects they have. The discretionary part of 'DAC' means that the file owner has the ability to change the permissions on the file.
  2. Uses file permissions and ACL's to restrict access based on users identity or group membership.
  3. It is more labour intensive and flexible as compared to MAC.
  4. All windows, linux, unix and mac os uses DAC.
  5. Disadvantage is their weakness to malicious attacks like trojan horses which may appear in application program.
  6. Example. example

Mandatory Access Control

  1. An additional security policy that classifies the user and data based on security classes is called MAC.
  2. Each subject and object is labelled with a security label.
  3. It is less labour intensive and flexible as compared to DAC.
  4. MAC based commercial systems are trusted solaries and SE linux.
  5. Disadvantage is that being too strict In that they need a firm classification of subjects and objects into security levels and hence they are not applicable to various environments.
  6. Example example
Please log in to add an answer.