This is the last paragraph in my first article for IDpro:
Mainstream Access Control mechanisms like RBAC and ACL’s have a long tail and will continue to have valid use cases in many organizations. However, as companies, governments, and organizations begin to require communications and collaborations outside of their traditional four walls, other ways of controlling access are required.
Mainstream Access Control methods are not able to deliver the growing need for ﬂexible access control in a changing world. Modern Access Governance requires modern access control methods. There is a clear need for Dynamic Access Control. Interestingly, the tools are becoming available, and implementation need not interfere with the current best practices, Adaptive Authentication, and PBAC can be added to an existing identity and access architecture. It takes some planning, based on a roadmap. And of course, it requires implementing elements of Access Governance (as explained in a separate article in the IDPro BoK).
Here the link to Introduction to Access Control#^https://bok.idpro.org/article/id/42/#