Rule-Set-Based Access Control
is a type of access control mechanism that allows administrators to define and enforce access control policies based on a set of rules.
- The accesses are controlled by a set of rules defined by an Administrator.
- The rules define which users or groups are allowed to access certain resources.
- The rules can use time, states of the system, user attributes,
- It is more secure than role-based access control.
- Commonly used in small organizations.
- Subjects: The entities requesting access (processes or users).
- Objects: The resources targeted by the subjects (files, network, folders, and files).
- Rules: The policies defining how the subjects interact with the objects.
- ACLs: The list of permissions granted to subjects.
- Use of Labels is also possible to classify objects by sensitivity or importance.