Rule-Set-Based Access Control

is a type of access control mechanism that allows administrators to define and enforce access control policies based on a set of rules.

• The accesses are controlled by a set of rules defined by an Administrator.
• The rules define which users or groups are allowed to access certain resources.
• The rules can use time, states of the system, user attributes,
• It is more secure than role-based access control.
• Commonly used in small organizations.
• Subjects: The entities requesting access (processes or users).
• Objects: The resources targeted by the subjects (files, network, folders, and files).
• Rules: The policies defining how the subjects interact with the objects.
• ACLs: The list of permissions granted to subjects.
• Use of Labels is also possible to classify objects by sensitivity or importance.