DAC and MAC safety

What is the difference between discretionary access control and mandatory access control? Which is safer?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

Discretionary Access Controls (DAC) define basic access control policies to objects. These are set at the discretion of the owner of the objects. For example, user and group ownership or file and directory permissions.

Mandatory Access Controls (MAC) are system-controlled access control policies where the system dictates and controls the level of access to an object, even a user created one. The administrator doesn't allow a user to grant less restrictive access controls to that object.

Mandatory Access Controls are considerably 'safer' than discretionary controls, but they are harder to implement and often require consideration tweaking to ensure all applications function correctly.

More News and Tutorials

Articles
- The Windows 2000 access control model
- The Windows 2000 access control model
- BITS & BOLTS Microsoft's .NET development framework can help your Web apps perform securely.">Safety Net
- Access rights
- Access rights

This was first published in September 2006

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Data Center
Server Virtualization
Cloud computing
Enterprise Desktop

Data Center
- Data center technologies evolve to meet tomorrow's computing demands
  
  VMware's upcoming public cloud and AMD's 64-bit ARM servers are technologies for the data center that exemplify the changes in the IT industry.
- New data center cooling strategies to improve efficiency, lower costs
  
  Stagnant strategies for data center cooling will keep energy bills climbing ever higher, but a more modern approach can bring them back down to earth.
- Converged systems usher in data center transformation
  
  The rise of converged systems has brought a new level of manageability to the data center, but these integrated offerings have a few drawbacks.
Server Virtualization
- Virtualization widens schism between server and networking teams
  
  Virtual networking has revived tensions between server and networking teams within data centers, but it's a dynamic both sides must embrace.
- Strike a common-sense balance when deciding what to automate
  
  Consider the many factors that determine the potential return on investment when deciding when and what to automate.
- How can I enable automated VM resource provisioning?
  
  As with many other facets of virtualization, VM resource allocation is becoming automated. Find out what tools you can use for automated provisioning.
Cloud computing
- Sequestration stymies federal government cloud ambitions
  
  The federal government is under mandates to consolidate data centers and deliver IT as a Service, but sequestration makes this easier said than done.
- VMware charges into public cloud IaaS fray as Dell exits
  
  Dell will discontinue its OpenStack and VMware vCloud-based public cloud offerings as VMware delivers its vCloud IaaS.
- Cloud migration obstacles remain for heavily regulated industries
  
  Financial, government and healthcare industries must overcome data security breaches and regulatory issues for a successful cloud migration.
Enterprise Desktop
- Finding a prescription for desktop security management at Sharp HealthCare
  
  Desktop security policy must cover the use of mobile devices and the cloud. Sharp HealthCare uses a mix of software for desktop security management.
- Windows 8 tools build on native Windows 7 utilities with new capabilities
  
  New and updated Windows 8 tools can help admins and users. Windows 8 utilities include functions for backing up and restoring systems.
- Why a Windows security scan is not enough to protect your workstations
  
  A traditional Windows security scan may lure IT into complacency about desktop vulnerabilities, so look at four areas to beef up Windows security.

All Rights Reserved,Copyright 2003 - 2013, TechTarget