The use of profiles-rule based access control is based on a specific profile for each user. information can be easily changed for only one user but this scheme may become a burden in a very large environment. a rule-based access control unit will intercept every request to the server and compare the source specific access conditions with the rights of the user in order to make an access decision. a good example could be a firewall. here a set of rules defined by the network administrator is recorded in a file. every time a connection is attempted (incoming or outgoing), the firewall software checks the rules file to see if the connection is allowed. if it is not, the firewall closes the connection. information flow labels are usually associated with mandatory access control (mac). data flow diagrams are most commonly used in software development, not in rule-based access control. tokens are usually used for authentication, a function which is important for any type of access control.