!!! Overview
In computer security, discretionary access control [DAC] is a type of [Access Control Model] defined by the [Trusted Computer System Evaluation Criteria] "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. 

The controls are discretionary in the sense that a [Digital Subject] with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other [Digital Subject] (unless restrained by [Mandatory Access Control])".

Discretionary access control is commonly discussed in contrast to [Mandatory Access Control] or MAC. 

Occasionally a system as a whole is said to have "discretionary" or "purely discretionary" access control as a way of saying that the system lacks mandatory access control. On the other hand, systems can be said to implement both [Mandatory Access Control] and [{$pagename}] simultaneously, where [{$pagename}] refers to one category of access controls that [Digital Subjects] can transfer among each other, and [Mandatory Access Control] refers to a second category of [Access Controls] that imposes constraints upon the first.

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]