The Enterprise Dynamic Access Control (EDAC) is a metadata-based access control system that automates the complex and labor-intensive tasks of assigning users to roles. The model explains the different types of data that can be collected and how a rules engine can use these inputs to enforce dynamic access decisions. EDAC, which was developed within the U.S. Department of the Navy and is supported by NIST, offers the plumbing and algorithms to help corporations make secure and thoughtful authorization implementations.