Back Issues This Week → Current Issue → Popular →

Role-based access control allows network managers to personalize a user's access level based on the individual's role within the organization. Rule-based systems, on the other hand, grant access to individuals complying with a specific set of conditions. By establishing a pre-defined rule-based access control setting, an administrator might, for example, grant a person or team access to a specific network resource only during regular business day hours.

Rule-based access control, frequently abbreviated as RuBAC, is often described as an attribute-based control, since end users are given a specific level of system access based on pre-determined criteria, regardless of their role or position within the organization, explains Joe Dowling, Dell Technologies' vice president of cybersecurity, identity, and access management.