Dynamic row-level security (DRLS) models identify the user connected to the dataset via the USERPRINCIPALNAME() function and apply filters based on this identity. These models can use DAX functions or tables and relationships to implement a filter context specific to the given user. For example, a user and a permissions table could be added to the dataset (and hidden) so that the user table would first filter the permissions table, and the permission table would then filter the dimension to be secured, such as a Sales Territory Country.
In the following example of a permissions table, Jen Lawrence is associated with Germany, Australia, and the United States, and thus should only have visibility to these countries ...