In a discretionary access control model, who primarily determines access rights to objects?

In a discretionary access control model, the primary authority to determine access rights to objects lies with the owner of the object. This model allows object owners to make decisions regarding who can access their resources and what level of access they permit. For instance, if a user creates a file, they typically have the ability to decide which other users can read, modify, or delete that file. This ownership-based control contrasts with other access control models, such as mandatory access control, where policies are enforced by a central authority rather than by the individual users.

This system promotes flexibility and user empowerment, as owners can tailor access permissions based on their specific needs and contexts. Thus, the correct choice reflects the fundamental principle of discretionary access control, where the user who has created or owns a resource retains significant authority over its access.