Attribute-Based Access Control
ABAC
ABAC is an access control model that grants or denies access based on a combination of attributes — user attributes, resource attributes, environment attributes — evaluated against policies.
❓ What is Attribute-Based Access Control?
ABAC is an access control model that grants or denies access based on a combination of attributes — user attributes, resource attributes, environment attributes — evaluated against policies.
⚙️ How Does It Work?
When a request is made, the policy engine evaluates attributes like user.department, resource.sensitivity, environment.time. If the policy conditions match, access is granted.
📍 Where Is It Used?
Fine-grained authorization in complex environments — government, healthcare, multi-tenant cloud, financial systems.
💡 Real-World Example
A policy states: Finance employees can access budget documents during business hours from corporate devices. A finance analyst on a personal phone at midnight is denied access.
🔗 Related Terms
Stay Ahead in Identity Security
Get weekly IAM, PAM & IGA insights delivered to your inbox via Identity Pulse.
Subscribe to Identity Pulse →