Policy-Based Access Control
PBAC centralizes authorization logic into written policies that are evaluated at access time, often combining roles, attributes, and context. Policies are typically expressed in a policy language and enforced by a decision engine rather than hardcoded in each application. It supports dynamic, fine-grained authorization across large environments.