Rule based access control-rule based access control is based on a specific profile for each user. information can be easily changed for only one user but this scheme may become a burden in a very large environment. a rule-based access control unit will intercept every request to the server and compare the source specific access conditions with the rights of the user in order to make an access decision. a good example could be a firewall. here a set of rules defined by the network administrator is recorded in a file. every time a connection is attempted (incoming or outgoing), the firewall software checks the rules file to see if the connection is allowed. if it is not, the firewall closes the connection. lattice-based access control is associated with mandatory access control (mac). directory based and id based access controls are not relevant.