Governance Based Access Control - GBAC - Information assets can be managed based on their governing legislation. GBAC considers the larger issue of why information is being held in the first place, and takes into account that multiple authorities may be required to determine access control or information sharing decisions. Rules can be enforced based on key governance issues: Jurisdiction, Collection Legislation, Collection Purpose, Security Designation, Disclosure Legislation and Disposition Authority. By classifying information according to governance and specifying the rules of governance, an organization may share information without knowing the recipient, the intended use or the specific contents.

Source: http://identityaccessman.blogspot.com/2006/08/identity-dictionary.html