What type of access control restricts access based on the identity of users?

The chosen answer, identity-based access control, is correct because it specifically centers around granting or restricting access based on the authenticated identity of users. This method considers factors such as username and password combinations, biometric data, or other credentials to determine access rights.

In this model, each user is assigned specific privileges based on their identity, ensuring that only authorized individuals can access particular resources. This approach directly ties access control measures to the unique identity of each user, making it a fundamental concept in secure systems.

By contrast, role-based access control is focused on the roles users play within an organization, rather than their individual identities. This means that access rights are determined by the user's role rather than their specific identity. Discretionary access control allows users to decide who can access their resources, which is less about strict identity verification and more about user discretion. Mandatory access control establishes access restrictions based on predefined policies and does not adapt to the individual user’s identity. Therefore, while all these options are types of access control, only identity-based access control explicitly restricts access through the users' unique identities.