In non-discretionary access control, a central authority determines what subjects can have access to certain objects based on the organizational security policy. The access controls may be based on: A. the society's role in the organization B. the individual's role in the organization C. the group-dynamics as they relate to the individual's role in the organization D. the group-dynamics as they relate to the master-slave role in the organization
