Access control can be implemented by operating systems that are developed with one of the
three types of access controlmodels: discretionary, mandatory, and role-based.
The discretionary access model allows data owners to decide what subjects can
access resources; mandatory access models do not allow data owners or users
such flexibility.Discretionary uses ACLs and mandatorymodels use security labels
to enforce access control policies. The role-based model allows roles and
groups to be developed, and users are assigned to these logical containers.
No comments:
Post a Comment