olemus
pääsu reguleerimine, mis rakendab
diskretsionaarset poliitikat, põhineb
pääsu taotlevate subjekti(rühma)de identiteedil,
infovara omanik delegeerib oma pääsuõigusi
teistele subjektidele
= an identity-based access control model

NIST SP 800-53 Rev. 5:
An access control policy that is enforced over all subjects and objects in a system where the policy specifies that a subject that has been granted access to information can do one or more of the following: pass the information to other subjects or objects; grant its privileges to other subjects; change the security attributes of subjects, objects, systems, or system components; choose the security attributes to be associated with newly-created or revised objects; or change the rules governing access control. Mandatory access controls restrict this capability.

ülevaateid
https://www.techopedia.com/definition/229/discretionary-access-control-dac

https://en.wikipedia.org/wiki/Discretionary_access_control

https://www.youtube.com/watch?v=UNRnSaXajC4

https://www.ekransystem.com/en/blog/mac-vs-dac

https://www.cs.cornell.edu/courses/cs5430/2018sp/lectures/15-dac/dacI.pdf

https://www.getkisi.com/blog/discretionary-access-control-explained

http://www.cs.cornell.edu/courses/cs5430/2015sp/notes/dac.php

https://www.cs.cornell.edu/fbs/publications/chptr.DAC.pdf

turvalisus
https://www.cs.purdue.edu/homes/ninghui/courses/526_Fall15/handouts/15_526_topic16.pdf

https://www.cs.purdue.edu/homes/ninghui/papers/ifedac_sacmat09.pdf

vt ka
- atribuudipõhine pääsu reguleerimine
- kontekstipõhine pääsu reguleerimine
- mandatoorne pääsu reguleerimine
- rollipõhine pääsu reguleerimine
- pääsu reguleerimine: turvalisus