Attribute-Based Access Control (ABAC)

ABAC (Attribute-Based Access Control) is a type of access control that defines access policies based on attributes (such as user role, location, time, and device) rather than roles or permissions. In ABAC, access decisions are made based on the evaluation of multiple attributes, rather than relying on a single factor (such as a user’s role).

The main advantage of ABAC is its flexibility. Because ABAC policies are defined based on attributes, rather than roles or permissions, access can be defined and managed in a much more granular and dynamic way. Additionally, ABAC allows organizations to incorporate multiple factors into their access control policies, making it possible to take into account factors such as user role, location, time, and device, among others.

In ABAC, policies are defined using a combination of attributes, and the decision to grant or deny access is based on the evaluation of these attributes. This allows organizations to define more complex and sophisticated access policies, tailoring access control to their specific needs.

In summary, ABAC (Attribute-Based Access Control) is a type of access control that defines access policies based on attributes, rather than roles or permissions, providing organizations with a more flexible and dynamic way to manage access to their resources.

Attribute-Based Access Control (ABAC)

Related Terms

Policy Decision Point (PDP)

Policy Enforcement Point (PEP)

Policy Administration Point (PAP)

Back-channel logout

Front-channel logout

cname (Canonical Name)

Signed Header

Continuous Verification

LDAP (Lightweight Directory Access Protocol)

OWASP (Open Web Application Security Project)