Roles define static collections of privileges that define broad user access rights and definitions. Rules extend this static model, established by attaching a user to a Role, by examining user attributes such as department code or location code, and specifying additional details, such as mail server location, based on these user-specific variables.

Return to IT Security Concepts