Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
CompTIA
Security+
Access control models
cashew
I understand the difference in the big three (MAC, DACS, RBACS) of Access control but need a little more clearity. Do all of there rely on ACL's for their permissions? For the examples listed below, we'll assume that I'm applying NTFS permissions to an ACL of a folder in Win2k3:
MAC - Public, Confidential, Private, Secret. Would these be the names of 4 groups, or would you classify your group creation based on the sensitive nature of the file? Joe and Frank is a member of the Confidential Group, Bob is a member of the Private group, Susie is a member of Confidential, and everyone is a member of public.
RBACS - Based on the roles of the coroporation (my last job did this): CS Agent, Market Designers, Accounting read, Accounting write, etc.
DACS - Employees are governed on the rules of AD and have the ability to create folders and files where permissions allow them to. If the employees create a file, they are the owner and may modify the ACL of the created object at their discretion?
Does this seem about right?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
There are no comments yet
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
