What is an example of rule-based access control?

Rule-based access control is a method that uses specific rules to determine who can access certain resources and under what circumstances. This model is characterized by predefined policies that dictate access rights based on various attributes, such as user roles or the characteristics of the data being accessed.

In the context of the given example, router access control lists (ACLs) are a prime illustration of rule-based access control. These lists are configured to allow or deny network traffic based on defined criteria, such as the source and destination IP addresses, ports, and protocols. When an IP packet arrives at a router, the router evaluates the packet against the predefined rules in the ACL and decides whether to permit or block that traffic.

This approach is systematic and objective, as it applies the same rules consistently regardless of the individual user or context, which is a core principle of rule-based access control. Other options presented do not exemplify this concept in the same way; they relate more to user-based permissions or specific group access rather than a set of defined rules governing access based on network characteristics.