What type of access control is illustrated by a permission listing for different users on a storage device?

The scenario of a permission listing for different users on a storage device best aligns with Resource-Based Access Control (RBAC). This type of access control focuses on the resources themselves—such as files, directories, or storage devices—and who has access to those resources. Each resource is associated with specific access permissions, detailing what users can do with the resource (e.g., read, write, execute).

In Resource-Based Access Control, administrators can specify user permissions directly related to resources, which allows for fine-grained control over how access is granted based on the resources that need to be protected. This granular approach can enable tailored access based on various user needs or security policies.

Other access control models like Mandatory Access Control, Attribute-Based Access Control, and Role-Based Access Control have different characteristics that do not specifically focus on the listing of permissions for individual resources. For example, Mandatory Access Control revolves around predefined policies that dictate access based on security labels and classifications, rather than individual user permissions for resources. Role-Based Access Control organizes access permissions based on roles rather than on resource-specific user permission listings, and Attribute-Based Access Control uses various attributes related to users and environments to make access decisions rather than directly associating user permissions with resources. Thus, the concept illustrated aligns