In Identity and Access Management we can use DAC (Discretionary Access Control), which is often
used when Availability is most important. Access to an object is assigned at the discretion of the
object owner. MAC (Mandatory Access Control): Often used when Confidentiality is most important.
Access to an object is determined by labels and clearance, this is often used in the military or in
organizations where confidentiality is very important. RBAC (Role Based Access Control): Often used
when Integrity is most important. Policy neutral access control mechanism defined around roles and
privileges. A role is assigned permissions, and subjects in that role are added to the group, if
they move to another position they are moved to the permissions group for that position. RUBAC is
based on IF/THEN statements (think older firewalls), and is not a type of Identity and Access
Management. TRAC is .. well nothing, I made it up 0_o