Non-discretionary access control (NDAC) can refer to any access control model besides discretionary access control (DAC). NDAC often refers to mandatory access control (MAC), in which permission is granted only if the subject’s clearance matches the sensitivity level of a given object.
Discretionary access control is called ‘discretionary’ because subjects can readily pass on access permissions at their discretion. When you run a program in Windows, for instance, you grant the application broad access to your system. If an access control model does not allow users to pass along access privileges at their discretion, it is thus a non-discretionary access control model.
Mandatory Access Control (MAC)
When people use the term ‘non-discretionary access control’, they’re often referring to mandatory access control. Under mandatory access control, both subjects and objects are assigned a clearance level. To access an object, a subject’s clearance level has to match the object’s.
The classification system used by the United States military provides a classic example of mandatory access control. Individual files and objects are assigned labels such as Top Secret, Secret, and Classified. A user with a Top Secret clearance on a given topic can access all three levels, whereas a user with a Classified label can only access Classified information on the topic.
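The clearance check described above, as an added example that is not part of the original article: levels are ordered, a clearance on a topic covers only that topic, and access is granted when the subject's label dominates the object's. All names, labels and topics are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Level(IntEnum):
    # Sensitivity levels as named in the article, ordered least to most sensitive.
    CLASSIFIED = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Label:
    level: Level
    topics: frozenset = field(default_factory=frozenset)

    def dominates(self, other: "Label") -> bool:
        """True if this label is at least as high as `other` and covers every topic of `other`."""
        return self.level >= other.level and other.topics <= self.topics


# Constructed sample data: clearances are assigned by the security administrator,
# object labels by the classifying authority. Subjects cannot change either.
CLEARANCES = {
    "alice": Label(Level.TOP_SECRET, frozenset({"radar"})),
    "bob": Label(Level.CLASSIFIED, frozenset({"radar"})),
    "carol": Label(Level.SECRET, frozenset({"logistics"})),
}
OBJECTS = {
    "radar_spec.pdf": Label(Level.TOP_SECRET, frozenset({"radar"})),
    "radar_memo.txt": Label(Level.CLASSIFIED, frozenset({"radar"})),
    "supply_plan.xlsx": Label(Level.SECRET, frozenset({"logistics"})),
}


def can_read(subject: str, obj: str) -> bool:
    """Mandatory check: the subject's clearance must dominate the object's label.
    There is no owner override and no way for a subject to pass access on."""
    return CLEARANCES[subject].dominates(OBJECTS[obj])


def accessible_objects(subject: str) -> list:
    """Every object the subject's clearance permits reading, sorted by name."""
    return sorted(o for o in OBJECTS if can_read(subject, o))


if __name__ == "__main__":
    for who in CLEARANCES:
        print(who, "->", accessible_objects(who))
```

A Top Secret clearance on one topic does not extend to Secret material on another topic, which is why alice cannot read the logistics plan despite outranking it.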
Mandatory access control is generally considered the strictest access control model, which is why it’s used for high-stakes security, such as matters of national defense. The downside is that it’s demanding to implement and entails quite a bit of bureaucracy to manage. For your typical business, implementing mandatory access control might be more trouble than it’s worth.
Fortunately, there’s always discretionary access control – as well as several other models of non-discretionary access control.
Other Non-Discretionary Access Control Models
Any access control model that does not allow users to pass on access at their discretion can be considered a non-discretionary access control model. These include the following:
- Under role-based access control, access is granted based on roles that are assigned by an administrator.
- Under rule-based access control, access is determined based on set rules. This form of access control is typically used by routers and firewalls to ensure network security.
- Under attribute-based access control, access is determined based on user attributes, such as job title, team, location, and device.
These are just a few examples of non-discretionary access control models. You can find more – and learn about the above models in greater detail – in our complete guide to access control models.