Attribute-Based Access Control (ABAC)

Abstract

Muhammad Rawish Siddiqui

As organizations evolve and expand their IT infrastructure, especially within cloud environments and hybrid systems, traditional access control models like Role-Based Access Control (RBAC) often fall short in addressing modern security requirements. This paper delves into Attribute-Based Access Control (ABAC), a dynamic and flexible access control mechanism that makes decisions based on a combination of user, resource, and environmental attributes. ABAC provides a more granular and context-aware security model, allowing organizations to effectively manage access to sensitive data and systems in a dynamic environment. Through the integration of attributes, ABAC enhances security, compliance, and operational efficiency.

PDF