Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC)

Feature	DAC	MAC	RBAC	ABAC
Access Control Basis	Based on identity of the requester and the discretion of the owner	Based on classifications and security clearances	Based on roles within an organization	Based on attributes (user, resource, environment)
Access Decision	Owners of the resource decide who can access it	System-enforced, not changeable by users	Access based on roles and their permissions	Decisions based on a set of policies involving attributes
Flexibility	Highly flexible with individualized control	Less flexible, focuses on classification levels	Moderately flexible, easy to manage	Highly flexible and granular
Complexity	Can become complex with many users and permissions	High, due to strict policy enforcement	Medium, depends on roles and permissions setup	High, due to complex policy definitions