ABAC or Attribute-Based Access Control is another type of access control model. Instead of create roles for access management, and assign user to the appropriate role in RBAC, ABAC defines policies based on the attributes of the user/object/environment or even function/action in the system to manage the access control.
Due to this complexity, it is more difficult to implement compared to RBAC. However, if the policies and attributes framework is defined, the access management would be easy and can be controlled in more granular.
There are access models combining RBAC and ABAC. Check out the article by Ekran System below.
Further reads:
- https://www.ekransystem.com/en/blog/rbac-vs-abac
- https://csrc.nist.gov/Projects/Attribute-Based-Access-Control
No comments:
Post a Comment