Definition and Purpose

Discretionary Access Control (DAC) is a widely used access management model where individual users control access to the resources they own. Specifically, the creator or owner of a file, folder, or system object decides who can read, modify, or execute it. Systems apply these permissions through Access Control Lists (ACLs) or group-based policies, depending on the operating environment.

Because DAC allows resource owners to manage access directly, it offers a high level of flexibility. However, this same flexibility introduces risks, especially when users misconfigure permissions or share login credentials. Consequently, organizations must implement additional security measures to compensate for these weaknesses.

Risks of Discretionary Access Control

Although DAC is convenient, it often leads to unauthorized access and security vulnerabilities. For instance, users might assign excessive permissions to collaborators or forget to revoke access when someone changes roles. Additionally, shared accounts and passwords make it difficult to track who performed specific actions, reducing accountability across the system.

Furthermore, DAC systems typically lack centralized oversight. Without it, security teams struggle to monitor access trends, identify misuse, or enforce standardized access policies. Therefore, organizations that rely heavily on DAC should incorporate more robust authentication and auditing mechanisms to strengthen protection.

Enhancing DAC with GateKeeper Proximity

GateKeeper Proximity helps mitigate DAC’s inherent risks by introducing proximity-based access control tied to individual user identities. Rather than depending solely on passwords or manually set permissions, GateKeeper requires the presence of a registered Bluetooth token or smartphone for access. When users step away, GateKeeper automatically locks the session, eliminating the threat of unattended workstations.

Moreover, GateKeeper generates detailed access logs in real time, enabling administrators to track which users accessed which systems and when. This visibility enhances compliance and audit readiness. By integrating with DAC environments, GateKeeper maintains user-level control while embedding stronger authentication, session security, and user accountability into the process.