If the product supports access control based on defined rules, what is the granularity of the rules supported: access control per user, group, or

If the product supports access control based on defined rules, what is the granularity of the rules supported: access control per user, group, or role? What attributes or conditions of access are supported (e.g., type of transaction performed, time frame/frequency of transaction type, or physical/IP address origination)? Can the product limit specific transaction types (execution, creation, reading, writing, deletion and renaming) for a particular file or device types system wide or on selected components? Where is integration requiredfor example, types of applications, operating systems, etc.?