Policy-Based Access Control (PBAC) is an access control model that defines and enforces security policies. It manages user access to systems by combining the business roles of users with policies that define the access privileges those users should have. Put simply, PBAC is a security model that determines which users are allowed to access which resources.
In a PBAC system, each type of user is assigned a set of policies that define what they are allowed to do. When a user attempts to access a resource, the system evaluates those policies to decide whether the access is permitted: if the user's policies allow access to that resource, it is granted; otherwise it is denied.
PBAC can be used to control access to any type of resource, including files, databases, applications, and network devices. It is often used in conjunction with other security models, such as Role-Based Access Control (RBAC), to provide a more comprehensive security solution.
However, unlike RBAC, PBAC lets an organization change privileges quickly in response to new regulations or new corporate policies, without auditing and reworking roles across the whole organization. This helps protect assets and keeps the organization compliant with regulations.
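The following is an added example, not code from the original text, showing the decision process described above: a small PBAC evaluator in which policies are rules over subject, action and resource attributes (deny overrides allow, default deny), and a new regulation is enforced by adding a policy while every user keeps the same role. All policy names, attributes and sample data are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Policy:
    name: str
    effect: str                                   # "allow" or "deny"
    condition: Callable[[dict, str, dict], bool]  # (subject, action, resource) -> bool

@dataclass
class PolicyEngine:
    policies: list = field(default_factory=list)

    def add(self, policy: Policy) -> None:
        self.policies.append(policy)

    def decide(self, subject: dict, action: str, resource: dict) -> str:
        """Return 'allow' or 'deny': explicit deny wins, and no match means deny."""
        matched = [p for p in self.policies if p.condition(subject, action, resource)]
        if any(p.effect == "deny" for p in matched):
            return "deny"
        if any(p.effect == "allow" for p in matched):
            return "allow"
        return "deny"  # default deny when no policy applies

def build_engine() -> PolicyEngine:
    engine = PolicyEngine()
    # Business role fused with a policy: analysts may read reports.
    engine.add(Policy("analysts-read-reports", "allow",
        lambda s, a, r: s["role"] == "analyst" and a == "read" and r["type"] == "report"))
    # Resource owners may perform any action on their own resources.
    engine.add(Policy("owner-full-access", "allow",
        lambda s, a, r: s["id"] == r["owner"]))
    return engine

# Constructed sample subject and resource.
ANALYST = {"id": "u1", "role": "analyst", "network": "public"}
REPORT = {"type": "report", "owner": "u2", "classification": "restricted"}

def demo() -> tuple:
    engine = build_engine()
    before = engine.decide(ANALYST, "read", REPORT)   # "allow": role policy matches
    # A new regulation: restricted data may not be read from outside the corporate
    # network. It is enforced by adding one policy; no role assignment changes.
    engine.add(Policy("restricted-needs-corp-network", "deny",
        lambda s, a, r: r["classification"] == "restricted" and s["network"] != "corporate"))
    after = engine.decide(ANALYST, "read", REPORT)    # "deny": explicit deny overrides
    return before, after
```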