h4cker/cheat_sheets/access_control_cheatsheet.md

# Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC)

| Feature                | DAC                                                  | MAC                                                | RBAC                                                 | ABAC                                                       |
|------------------------|------------------------------------------------------|----------------------------------------------------|------------------------------------------------------|------------------------------------------------------------|
| Access Control Basis   | Based on identity of the requester and the discretion of the owner | Based on classifications and security clearances | Based on roles within an organization                | Based on attributes (user, resource, environment)          |
| Access Decision        | Owners of the resource decide who can access it      | System-enforced, not changeable by users           | Access based on roles and their permissions          | Decisions based on a set of policies involving attributes  |
| Flexibility            | Highly flexible with individualized control          | Less flexible, focuses on classification levels    | Moderately flexible, easy to manage                  | Highly flexible and granular                               |
| Complexity             | Can become complex with many users and permissions   | High, due to strict policy enforcement             | Medium, depends on roles and permissions setup       | High, due to complex policy definitions                    |
Create access_control_cheatsheet.md 2024-01-26 16:58:50 +00:00			`# Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC)`

			`\| Feature \| DAC \| MAC \| RBAC \| ABAC \|`
			`\|------------------------\|------------------------------------------------------\|----------------------------------------------------\|------------------------------------------------------\|------------------------------------------------------------\|`
			`\| Access Control Basis \| Based on identity of the requester and the discretion of the owner \| Based on classifications and security clearances \| Based on roles within an organization \| Based on attributes (user, resource, environment) \|`
			`\| Access Decision \| Owners of the resource decide who can access it \| System-enforced, not changeable by users \| Access based on roles and their permissions \| Decisions based on a set of policies involving attributes \|`
			`\| Flexibility \| Highly flexible with individualized control \| Less flexible, focuses on classification levels \| Moderately flexible, easy to manage \| Highly flexible and granular \|`
			`\| Complexity \| Can become complex with many users and permissions \| High, due to strict policy enforcement \| Medium, depends on roles and permissions setup \| High, due to complex policy definitions \|`