What is Rules-based Access Control?

Do you need rules-based or role-based access control?

Rules-based Access Control and Role-based Access Control are two different approaches to managing access control for a physical location. Both systems have their own advantages and disadvantages, and the best choice for your organization will depend on your organization and location’s specific needs.

Rules-Based Access Control

Rules-based systems allow administrators to define specific rules that determine who can enter a physical location. These rules can be based on a variety of factors, such as the personnel's identity, employer, location, or other details about the individual such as certifications or trainings completed. Multiple rules can be combined at any given entry point to fit the specific needs of a complex location.

Examples:

  • An administrator might create a rule that allows all employees to enter the factory, but only after they have completed the safety orientation.

  • Another rule might allow only contractors associated with to enter a certain area of the facility only after the user has a drug test on file.

  • Another rule could allow delivery personnel to enter only if their employer has a certified vehicle entry pass on file. It could also check for CDL records or other driving credentials, if appropriate.

Advantages of Rules-based:

  • Rules-based systems are very flexible and can be used to implement a wide variety of access control policies.

  • Rules-based systems can allow safety or security checks to happen each time a user enters the site instead of only when they have their ID card created.

Disadvantages of Rules-based:

  • Some rules may require a lot of data entry to use the rule effectively. One solution to this would be to link the access system directly to an external database where employee and training data originates.

Role-Based Access Control

Role-based systems assign personnel to roles, and each role is granted a specific set of permissions. Personnel are then granted access to physical locations based on their roles.

Examples:

  • An administrator might create a role called "Supervisor" that has permission to enter all restricted areas of the building.

  • Another role might be called "Contractor" that has permission to enter the specific areas designated for contractor work and the customer area of the building.

Advantages of Role-based:

  • Role-based systems can be easier to set-up than Rules-based systems, especially for large organizations that do not have specific data on their personnel.

Disadvantages of Role-based:

  • Role-based systems can be less flexible than RBAC systems, as it can be difficult to create roles that meet the specific needs of all users.

Is Rules-based access control right for you?

If any of the below applies to you, Rules-based Access Control may be the solution you need!

Your location requires certain training before entry?

RULES BASED is for you!

You need other dynamic entry rules that are too complicated for roles?

RULES BASED is for you!

You have an existing database of credentials that needs to be leveraged to decide who can enter the site?

RULES BASED is for you!