Discretionary Access Control (DAC) is a type of access control mechanism where the data owner has the authority to determine who can access specific resources and what operations they can perform. This model relies heavily on the discretion of the user and is often implemented through access control lists or capabilities, making it flexible but potentially less secure than mandatory access control systems.