Factbites
Where results make sense
About us   |   Why use us?   |   Reviews   |   PR   |   Contact us  

Topic: Discretionary access control


Related Topics
Mandatory access control

In the News (Sat 2 Jun 12)
EXECUTIVE POWER
Iran
ANALYSIS
Pakistan
Family compact

  
  NCSC-TG-003 A GUIDE TO UNDERSTANDING DISCRETIONARY ACCESS CONTROL IN TRUSTED SYSTEMS 30 September 1987
The controls are `discretionary in the sense that a subject with a certain access `permission is capable of passing that permission (perhaps indirectly) on `to any other subject." DAC controls are used to restrict a user's access to protected objects on the system.
Access control matrices are usually sparsely populated and are represented in memory by row or by column, eliminating storage requirements for empty entries.
Access permission to an object by users not already possessing access permission shall only be assigned by authorized users.'' At this level the requirement mandates that the DAC mechanism control access to each named object.
www.fas.org /irp/nsa/rainbow/tg003.htm   (12495 words)

  
 Discretionary access control - Wikipedia, the free encyclopedia
Discretionary Access Control (DAC) defines basic access control policies to objects in a filesystem.
The Telecom Glossary defines DAC as "A means of restricting access to objects based on the identity and need-to-know of users and/or groups to which the object belongs.
Controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (directly or indirectly) to any other subject."
en.wikipedia.org /wiki/Discretionary_access_control   (126 words)

  
 TechExams.Net - Security+ TechNote: Access Control
With access controls in place, users are identified, authenticated, and authorized before they can actually access resources or perform operations on a system.
Access control models provide a model for developers who need to implement access control functionality in their software and devices.
This access control model can increase the level of security, because it is based on a policy that does not allow any operation not explicitly authorized by an administrator.
www.techexams.net /technotes/securityplus/mac_dac_rbac.shtml   (1236 words)

  
 A GUIDE TO UNDERSTANDING DISCRETIONARY ACCESS CONTROL IN TRUSTED SYSTEMS   (Site not responding. Last check: 2007-10-09)
DAC controls are used to restrict a user's access to protected objects on the system.
Discretionary access control mechanisms restrict access to objects based solely on the identity of subjects who are trying to access them.
The access control matrix such as the example in figure 1- above, is a pictorial view of a set of users and their access permissions to a set of protected objects.
www.dfw.net /~scottvr/rainbow/NSA-NCSC/dac.html   (12266 words)

  
 Introduction to Oracle Label Security
DAC is a means of controlling access to information through privileges, which are permissions to perform an operation within the system.
With discretionary access control, access to data is controlled in a single dimension.
Label-based access control depends on the basic DAC policy; together these policies dictate the criteria by which access to an object is either permitted or denied.
www.stanford.edu /dept/itss/docs/oracle/9i/network.920/a96578/intro.htm   (2315 words)

  
 Discretionary access control (DAC)   (Site not responding. Last check: 2007-10-09)
The access attributes allow the system to define several distinct levels of authorization, and the access rules provide the mechanism for the system to prevent unauthorized access to sensitive information.
These access checks are performed at the time the file is opened, rather than at the time a read or write is actually attempted.
With DAC, the owner of an object can choose to grant access permissions to other users; that is, the segregation of information and the prevention of unauthorized access to information is set according to the discretion of the owner of the information.
ou800doc.caldera.com /en/SEC_admin/IS_DiscretionaryAccCntlDAC.html   (699 words)

  
 Access control - Wikipedia, the free encyclopedia
Role-based access control assigns group membership based on organizational or functional roles.
Access rights and permissions for objects are assigned any group or, in addition to, individuals.
Lattice-based access controls: These can be used for complex access control decisions involving multiple objects and/or subjects.
en.wikipedia.org /wiki/Access_control   (1326 words)

  
 TRUSIX: Access Control Lists
Access control for sockets that use name spaces other than those local to the UNIX system (UDP, TCP) must be addressed in the specification and evaluation of the system involved, and are neither explicitly recommended nor exempted.
DAC is a means of controlling access to an object based on the identity of subjects and/or groups to which they belong.
The classes of DAC mechanisms which return or change the value of the discretionary access control information are those mechanisms which: change ownership of an object, change the file permission bits, create objects, access object attributes.
www.fas.org /irp/nsa/rainbow/tg020-a.htm   (19007 words)

  
 Discretionary access control (DAC): access control lists
Access Control Lists (ACLs) give you a more precise way to control access to files.
It never has any influence on what access is granted to a user for the directory it is placed on.
Please note that in the case of the DAC group permission bits, it is the class bits that are modified and not the owning group bits in the ACL entry.
osr600doc.sco.com /en/SEC_admin/ssC.dac.acls.html   (1828 words)

  
 Discretionary access control Summary
The use can be restricted to the viewing of information for some users, while, for other users, the ability to manipulate or alter the information may be granted.
Many operating systems, particularly those serving multiple users, have several different types of access privileges--a hierarchical scheme of permissions--that can be granted or denied to certain individual users or to groups of users.
If the user supplies the correct password, access is granted to the particular file, program or computer.
www.bookrags.com /Discretionary_access_control   (254 words)

  
 Changes to the behavior of the default discretionary access control list (DACL) for administrators on a Windows ...
The default behavior of the discretionary access control list (DACL) on a Microsoft Windows XP-based system is different from the behavior of earlier versions of the DACL.
When you specify NULL as the LPSECURITY_ATTRIBUTES parameter while you create a securable object, the DACL that is associated with the access token of the caller is used to apply access control on the object.
Access tokens that are created by a later authentication use the new policy.
support.microsoft.com /?id=318825   (453 words)

  
 Best practices and guidance for writers of service discretionary access control lists
The access control entry (ACE) is restricted to LocalSystem.
This access control entry (ACE) gives the same rights as in the previous access control entry (ACE) to all the local administrators.
In the last access control entry (ACE), a user in a group that has low rights, such as any authenticated user, can change the configuration of the service.
support.microsoft.com /kb/914392   (991 words)

  
 Mandatory Access Control
Mandatory Access Control allows new access control modules to be loaded, implementing new security policies.
The mandatory part of the definition comes from the fact that the enforcement of the controls is done by administrators and the system, and is not left up to the discretion of users as is done with discretionary access control (DAC, the standard file and System V IPC permissions on FreeBSD).
Warning: The improper use of the information contained herein may cause loss of system access, aggravation of users, or inability to access the features provided by X11.
www.freebsd.org /doc/en_US.ISO8859-1/books/handbook/mac.html   (446 words)

  
 LinuxPlanet - Tutorials - Security and Apache: An Essential Primer - Maxwell's Demon and Hat Colour
Chances are that your Web site has at least a few pages that you really don't want published to the Internet at large.
How do you keep the Black Hats from seeing them, whilst not impeding the access of the White Hats who need the pages?
At the time I'm writing this (February 2000), there's a lot of current-events news about major Web sites being taken down temporarily by denial-of-service (DoS) attacks.
www.linuxplanet.com /linuxplanet/tutorials/1527/2   (583 words)

  
 Discretionary Access Control (DAC)
A mechanism for the enforcement of user-defined file sharing.
The TCSEC C1 classification and above requires that the owner or manager of each data file should be able to specify which users may access his or her data, and in what modes (e.g., read, modify, append).
RESOURCE CENTERS: Email Security •Intrusion Detection Systems •Network Access Control • Security Audit
www.itsecurity.com /security.htm?s=344   (96 words)

Try your search on: Qwika (all wikis)

Factbites
  About us   |   Why use us?   |   Reviews   |   Press   |   Contact us  
Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.