Role-based : Map users to roles and check whether a role can perform the requested operation.
• Identity-based : Authorize users based on their identity.
• Claims-based : Grant or deny access to the operation or resources based on the client’s claims.
• Resource-based : Protect resources using access control lists (ACLs)
Source: MSDN | |