Episode 39 — Discretionary, Non-Discretionary, and Mandatory Access Models
This episode covers three primary access control models and their application in cloud security. Discretionary Access Control (DAC) allows resource owners to determine access, offering flexibility but requiring careful oversight. Non-Discretionary models, including Role-Based and Task-Based Access Control, centralize permissions based on policy rather than user discretion. Mandatory Access Control (MAC) enforces strict classifications and security labels, often used in high-security or regulated environments.
We compare the strengths, weaknesses, and real-world applicability of each model, linking them to compliance frameworks and operational needs. For the Cloud+ exam, recognizing which model fits a given scenario is essential for both design and troubleshooting tasks. Produced by BareMetalCyber.com, home to more prepcasts, books, and access control strategy resources.
