Access Control


Authentication is a technique used to verify that someone is who they claim to be. Authentication isn't sufficient by itself to protect data. What's needed is another layer which is authorisation, this determines whether a user should be allowed access to the data or make the transaction they're attempting.   

  • Like role based access control. 

Sets who are allowed access to certain data. Not all data that a company has is necessary for every job that the company has.

Discretionary Access Control (DAC)

  • Discretionary Access Control is a type of access control system that holds the business owner responsible for deciding which people are allowed in a specific location, physically or digitally.

  • DAC is the least restrictive compared to the other


No comments have yet been made