- Non-discretionary access control
- discretionary access control (DAC)
- attribute-based access control (ABAC)
- mandatory access control (MAC)
Explanation: Access control models are used to define the access controls implemented to protect corporate IT resources. The different types of access control models are as follows:
Mandatory access control (MAC) – The strictest access control that is typically used in military or mission critical applications.
Discretionary access control (DAC) – Allows users to control access to their data as owners of that data. Access control lists (ACLs) or other security measures may be used to specify who else may have access to the information.
Non-discretionary access control – Also known as role-based access control (RBAC). Allows access based on the role and responsibilities of the individual within the organization.
Attribute-based access control (ABAC) – Allows access based on the attributes of the resource to be accessed, the user accessing the resource, and the environmental factors such as the time of day.