We can configure user and device claim types in Active Directory which can be used as part of Dynamic Access Control (DAC) in a Windows based environment.
DAC was added in Windows Server 2012 to allow administrators to configure custom authorization to a file server by using conditional logic using user and device claim types. This is quite powerful, we can have permissions to a user change and update automatically based on changes to attributes to the user or device itself.