What type of access control allows data owners to set permissions on files?

Discretionary Access Control (DAC) is the correct type of access control that enables data owners to set permissions on files. In a DAC model, the users who own the data (such as files or directories) have the ability to determine who is allowed to access their resources and what type of access is granted. This means that an owner can grant or revoke access rights to other users, providing a flexible and user-friendly way to manage permissions.

In contrast, other access control models operate differently. Mandatory Access Control (MAC), for instance, does not allow users to modify access permissions; instead, the control policies are set by an authority and cannot be altered by users. Role-Based Access Control (RBAC) organizes permissions based on the role a user has within an organization, focusing on job functions rather than ownership of resources. Attribute-Based Access Control (ABAC) makes decisions based on various attributes (such as user roles, environmental conditions, and specific resource characteristics), rather than letting individual data owners manage permissions directly.

By understanding that DAC puts power in the hands of the data owner to manage access, it becomes clear why it is uniquely suited for situations where users need autonomy over their own files.