All access control models rely on the distinction between subject and objects. A subject, such as a user or a group, can access an object. Objects include files, folders, devices, and other resources. When you use a printer, for instance, you are the subject and the printer is the object. When you attempt to use it, the system checks an access control list to see if you have

permission to access the resource - in this case, to use the printer.

Have an idea about all types of Access control models (Provided below) and pick out some

example scenarios where these can be applied. An example is provided.

Discretionary Access Control (DAC)

Mandatory Access Control (MAC)

Role-Based Access Control (RBAC)

Attribute-based Access Control (ABAC)

Rule-Based Access Control

Risk - Adaptive Access control

Identity-Based Access Control

Organization Based Access Control

Example:

RBAC

An approach that will make it easy to reassign permissions when users move around the organization

This approach would allow an administrator to simply change a user's role when they

switch jobs and then the permissions would automatically update based upon the user's

new role.