Current　Role-Based　Access　Control　(RBAC)　can＇t　assign　permissions　dynamically　and　can＇t　update　access　control　policies　automatically.　In　this　paper　we　present　a　new　network　access　control　(NAC)　mechanism　based　on　role　and　behavior　(RB-NAC)　which　enhances　role-based　access　control　by　establishing　clusters　of　behavior　to　limit　permissions　of　user　dynamically　and　incorporating　an　incremental-learning　algorithm　to　update　the　policies　without　manual　intervention.　RB-NAC　as　an　enhanced　access　control　mechanism　shows　its　efficient　flexibility　and　scalability　in　access　control.　©　2010　IEEE.