Protects By Policy
For collaboration purposes on small sets of documents, role based access control could serve your purposes. However, the infamous "role explosion" is hard to avoid. Policy Based Access Control (PBAC) is the next generation access control, building upon the ContentGrid meta-model and the attributes (ABAC) you defined in your meta-model. As a result, you get a small set of centralised access control policies. Moreover, policies allow you to defined much more fine grained access controls, as you can use all attributes you defined in your meta-model. Changes to access rules are audited, by the way!
What is it?
In the permissions section, you can add access policies. Most policies are a rule where user attributes and entitiy attributes are used to express what kind of user can access what kind of entities or documents. Very often, with good policies, you reduce the number of access rules you need in a classical content application (sharepoint, ECM, ..).
How does it work?
Access Policies in ContentGrid combine the attributes of users, business entities and document types to assign read, modify or delete rights.
Policies can make life very easy: in case you store emails in contentgrid, one rule would allow you to express that everybody in the to:, cc or bcc: section of the email is allowed to view the email.
Why is it different?
In folder and site based collaboration platforms, access rules are intrinsically coupled to a folder based navigation structure. These rules are often inherited down the folder tree, eventually overwritten at some point down the tree. ContentGrid decouples access rules from navigation: by expressing policies using attrributes of users and content entitities (document types), one rule covers millions of documents. Policies allow for more fine grained access controls; every attribute can be used to express your business requirements.
Get inspired by some killer examples in our lab section and try for yourself.
