Attribute and Activity Based Access Control

Question

Attribute and Activity Based Access Control

What is the difference between attribute-based access control and action-based access control in the context of cloud authorization?

+4

authorization cloud xacml abac soa

thisisemar Mar 09 '14 at 16:36

source share

1 answer

David Brossard · Accepted Answer · 2015-01-29T11:02:57+0000

Attribute-based access control is an access control (or authorization) model defined by NIST that facilitates the use of attributes to define access control policies. This is an evolution from the role-based access control model (RBAC) that prevails today.

Example:

== manager == view == blog post, object.owner == user.id
, , , - , .

xacml ABAC.

abac - NIST.

- , , -, .

Attribute and Activity Based Access Control

More articles: