Which control method gives the resource owner the authority to grant access to users?

Discretionary Access Control (DAC) is a model that allows the owner of a resource the flexibility to make decisions about who can access that resource. In a DAC system, users are granted access rights based on the discretion of the resource owner, meaning they have the authority to determine which users can access their files or resources and what level of access those users have.

For example, if an individual creates a document, they can choose to share it with colleagues, revoke access, or even set specific permissions based on each user's needs. This level of control is particularly advantageous in environments where collaboration is key, as it allows for dynamic sharing and access management.

In contrast, other control methods like Mandatory Access Control (MAC) enforce strict access policies determined by a central authority and do not allow individual users to make changes. Role-Based Access Control (RBAC) assigns access based on user roles rather than individual ownership of resources, while Attribute-Based Access Control (ABAC) uses attributes of users, resources, and environment conditions to determine access. Therefore, DAC’s key feature is that it empowers the resource owner directly, highlighting the personal discretion aspect of access control.