[Trae Johnson]

Access control models and technologies play a critical role in regulating how users interact with information and systems. The Discretionary Access Control model gives the data owner control to decide who has resources, usually through some form of access control list. Although this is often used with discretionary access control, it can be risky with high-security requirements. MAC assigns access based upon clearance levels and the sensitivity of information, hence stronger protection. Role-Based Access Control grants permissions depending on one’s role within the organization; setting up such roles simplifies administration while maintaining security. Rule-Based Access Control applies access rules across an organization, regulating the access of all users independent of user identity or position. Both the video and text depict that these models play an important role in consistently enforcing security policies, maintaining data confidentiality, and minimizing the risk of unauthorized access.