We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is Discretionary Access Control?

Malcolm Tatum
By
Updated: May 16, 2024
Views: 29,836
Share

Discretionary access control (DAC) is a type of security measure that is employed with many different types of business and personal networks. The idea behind this type of computer security is to have one person or a select group of people with the capability of controlling the use of any and all programs residing in the network, including the assigning of access rights to different users. Typically, this process calls for being able to configure user profiles to restrict access to some programs while allowing access to others. All this activity takes place at the discretion of these master users or administrators, who can change or revoke privileges at any time.

The process of discretionary access control is somewhat different from a different security measure known as mandatory access control. With the latter, the ability of administrators to create customized access for specific users is not present, since the restrictions are set by security policy administrators based on the constraints found in the operating system used on the network. By contrast, DAC makes it possible to customize the access of each authorized user based on a need-to-know basis. While both approaches are effective, discretionary access control is easily the more flexible of the two and can be an ideal solution for companies of just about any size.

One of the main benefits of discretionary access control is the flexibility that is built into the assigning of access rights to various programs and databases that reside in the network. This means when an employee is promoted to a new position, the process of changing access rights so that he or she can make use of data relevant to those new responsibilities can be managed with ease. At the same time, if an employee is assigned to a project that requires temporary access to certain data, those rights can be assigned then revoked once the project is complete. The abilities of the administrator or master user make it possible to initiate the changes in a matter of seconds, easily customizing that access to meet whatever need should arise.

The exact structure of discretionary access control depends on the nature of the programs in use and how access rights are assigned. Some configurations allow for rights to be based on the assignment of specific login credentials that are then also customized in terms of permissions within each of those programs. For example, a salesperson may be granted access to the billing system so he or she can see billing activity relevant to the customer profiles that contain that salesperson’s specific sales ID number, but not the billing activity of other customers. The ability to tailor access rights to individual users means that no one has access to all the data on the network except those who are charged with overseeing the entire network. From this perspective, this limits the potential for illegal use of the by hackers, corporate spies or even disgruntled former employees who are looking for a way to get back at the employer.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Malcolm Tatum
By Malcolm Tatum
Malcolm Tatum, a former teleconferencing industry professional, followed his passion for trivia, research, and writing to become a full-time freelance writer. He has contributed articles to a variety of print and online publications, including EasyTechJunkie, and his work has also been featured in poetry collections, devotional anthologies, and newspapers. When not writing, Malcolm enjoys collecting vinyl records, following minor league baseball, and cycling.
Discussion Comments
Malcolm Tatum
Malcolm Tatum
Malcolm Tatum, a former teleconferencing industry professional, followed his passion for trivia, research, and writing...
Learn more
Share
https://www.easytechjunkie.com/what-is-discretionary-access-control.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.