Revision as of 02:50, 9 August 2019 edit 2600:1700:a470:6e20:158:3929:c093:62a0 (talk) Done Tags: Visual edit Mobile edit Mobile web edit ← Previous edit		Revision as of 02:52, 9 August 2019 edit undo 2600:1700:a470:6e20:158:3929:c093:62a0 (talk) Done Tags: Visual edit Mobile edit Mobile web edit Next edit →
Line 27: # Action attributes: attributes that describe the action being attempted e.g. read, delete, view, approve... # Object attributes: attributes that describe the object (or resource) being accessed e.g. the object type (medical record, bank account...), the department, the classification or sensitivity, the ___location... # Contextual (environment) attributes: attributes that deal with time, ___location or dynamic aspects of the access control scenario<ref name="stackoverflow.com">{{cite web\|url=http://stackoverflow.com/questions/36705901/alternatives-for-roles-claims-access-control-systems\|title=Alternatives for Roles/Claims Access Control Systems\|website=stackoverflow.com}}</ref> ===Policies=== Line 34: # A user can edit a document if they are the owner and if the document is in draft mode # Deny access before 9am With ABAC you can have as many policies as you like that cater to many different scenarios and technologies.<ref name="stackoverflow.com">{{cite web\|url=http://stackoverflow.com/questions/36705901/alternatives-for-roles-claims-access-control-systems\|title=Alternatives for Roles/Claims Access Control Systems\|website=stackoverflow.com}}</ref> ==Other models==

Attribute-based access control: Difference between revisions