Defines what an authenticated person can do with that data. e.g. user roles, or permissions

Network Access Control (NAC) * Create policies for what individual systems can do on the network.

Access Control List (ACL) * Clearly defined list of permissions a user has on a system * ACL access models: + Mandatory Access Control (MAC) Every resource is assigned a label that defines its security level. + Discretionary Access Control (DAC) Based on the idea that a resource has an owner who may at their discretion assign access to that resource. + Role-Based Access Control (RBAC) - Most popular - Users are placed in groups and groups have different access to things.