Authorization

Defines what an authenticated person can do with that data, e.g. user roles or permissions.

Network Access Control (NAC)

  • Create policies for what individual systems can do on the network.

Access Control List (ACL)

  • Clearly defined list of permissions a user has on a system
  • ACL access models:
    • Mandatory Access Control (MAC): Every resource is assigned a label that defines its security level.
    • Discretionary Access Control (DAC): Based on the idea that a resource has an owner who may, at their discretion, assign access to that resource.
    • Role-Based Access Control (RBAC)
      • Most popular
      • Users are placed in groups and groups have different access to things.
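
The three access models above, side by side on one resource, as an added example that is not part of the original notes. All user names, file names, labels and groups are constructed, and the MAC rule used here (a user may read only resources labelled at or below their clearance) is an assumption, since the notes only say that resources carry a label.

```python
from dataclasses import dataclass, field

# Constructed sample data; every name, label and group below is hypothetical.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}

@dataclass
class Resource:
    name: str
    label: str   # MAC: security level assigned by policy, not by the owner
    owner: str   # DAC: the owner decides who else gets access
    grants: dict = field(default_factory=dict)  # DAC: user name -> set of actions

@dataclass
class User:
    name: str
    clearance: str                            # MAC: highest label the user may read
    groups: set = field(default_factory=set)  # RBAC: group membership

# RBAC: permissions attach to groups, never directly to users.
ROLE_PERMS = {
    "hr": {("payroll.xlsx", "read"), ("payroll.xlsx", "write")},
    "staff": {("handbook.pdf", "read")},
}

def mac_allows(user, res):
    """Assumed rule: read only if clearance is at or above the resource label."""
    return LEVELS[user.clearance] >= LEVELS[res.label]

def dac_allows(user, res, action):
    """The owner has full access; others get only what the owner granted."""
    return user.name == res.owner or action in res.grants.get(user.name, set())

def dac_grant(granter, res, grantee, action):
    """Only the owner may assign access to the resource."""
    if granter.name != res.owner:
        raise PermissionError(f"{granter.name} does not own {res.name}")
    res.grants.setdefault(grantee, set()).add(action)

def rbac_allows(user, res, action):
    """Allowed if any of the user's groups carries the permission."""
    return any((res.name, action) in ROLE_PERMS.get(g, set()) for g in user.groups)

payroll = Resource("payroll.xlsx", label="confidential", owner="alice")
alice = User("alice", clearance="secret", groups={"hr", "staff"})
bob = User("bob", clearance="public", groups={"staff"})
```

Note that a DAC grant from the owner does not change the MAC or RBAC answer: each model is evaluated on its own inputs (label, owner grants, group membership).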