Content deleted Content added
No edit summary Tags: Visual edit Mobile edit Mobile web edit |
adding a reference from a journal to support the concepts |
||
Line 5:
Although the concept itself existed for many years, ABAC is considered a "next generation" authorization model because it provides dynamic, context-aware and risk-intelligent access control to resources allowing access control policies that include specific attributes from many different information systems to be defined to resolve an authorization and achieve an efficient regulatory compliance, allowing enterprises flexibility in their implementations based on their existing infrastructures.
Attribute-based access control is sometimes referred to as '''policy-based access control''' ('''PBAC''') or '''claims-based access control''' ('''CBAC'''), which is a Microsoft-specific term. The key standards that implement ABAC are XACML and ALFA (XACML)<ref>{{Cite journal|last=Silva|first=Edelberto Franco|last2=Muchaluat-Saade|first2=Débora Christina|last3=Fernandes|first3=Natalia Castro|date=2018-01-01|title=ACROSS: A generic framework for attribute-based access control with distributed policies for virtual organizations|url=http://www.sciencedirect.com/science/article/pii/S0167739X17316060|journal=Future Generation Computer Systems|language=en|volume=78|pages=1–17|doi=10.1016/j.future.2017.07.049|issn=0167-739X}}</ref>.
== Dimensions of attribute-based access control ==
| |||