Skip main navigation

New offer! Get 30% off your first 2 months of Unlimited Monthly. Start your subscription for just £29.99 £19.99. New subscribers only. T&Cs apply

Find out more

Comparisons of the Access Control Models

In this video, you will learn about discretionary access control (DAC) and mandatory access control (MAC).
So, with discretionary access control versus mandatory access control, we’re looking at a range of analogue criteria when deciding which of these we may want to use. Ease of management for discretionary access control is offset with mandatory access control by the high levels of security that are offered. But also, the complexity of the day-to-day management and the cost of the day-to-day management. So the lack of flexibility with mandatory access control does lead some people to be cautious about adopting it, because you have that very, that very bureaucratic administrative route of routing all access change requests through the administrative body. And we’re using here levels of access.
It’s worthwhile saying with all of these models, we’re using levels and types of privilege rather than just, for each identity, saying access is granted. So we’re starting to break the type of authorization up into different types of category. So this gives us a much better route to managing. So mandatory access control provides access based on levels, while discretionary access control bases access largely based on identity. Discretionary access control is more labor intensive than mandatory access control when devolved, because more people are involved in that process. The mandatory access control central administrative body tends to be more onerous as a process though. Discretionary access control is more flexible than mandatory access control.
Users are able to manage permissions much more iteratively and much more fluidly day to day. And mandatory access control, as we’ve said, can only be changed by the administrators, while discretionary access control can be changed by any authorized user.

In this video, you will learn more about discretionary access control (DAC) and mandatory access control (MAC). These two models will be compared in terms of its benefits and limitations.

Reflect and share: Considering your context, share which model would be most suitable for you and why.

This article is from the free online

Cyber Security Foundations: Identity and Access Management

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now