Access Control
Access control restricts resources, systems or data based on user identity, roles and permissions.[1] It employs mechanisms like ACLs, RBAC and ABAC to enforce policy. Dynamic controls can adapt to risk factors such as location or behavior anomalies. Effective access control reduces insider threat and lateral-movement risk.
