!!! Overview
[{$pagename}] ([ABAC]) is an [Access Control Model] when the values of values of Attributes for a [Digital Subject] determine [Permission].


Despite [ABAC]’s advantages and federal guidance that comprehensively defines [ABAC] and the considerations for enterprise deployment ([NIST Special Publication] [NIST.SP.800-162]), [adoption] has been slow. In response, the [National Cybersecurity Center of Excellence] ([NCCoE]), part of the [National Institute of Standards and Technology] ([NIST]), developed an example of an advanced access control system. (NIST Special Publication] [NIST.SP.1800-3])

!! [{$pagename}] [Examples]
[Examples] of [Access Control Models] that is consistent with ABAC is the [EXtensible Access Control Markup Language] ([XACML]). The [XACML] model employs elements such as:
* rules
* policies
* rule- and policy-combining algorithms
* attributes (subject, (resource) object, action and environment conditions), obligations, and advice. 
[EXtensible Access Control Markup Language] reference architecture includes functions such as:
* [Policy Decision Points] ([PDPs])
* [Policy Enforcement Points] ([PEPs])
* [Policy Administration Points] ([PAPs])
* [Policy Information Points] ([PIPs]) 
Another example is the [Next Generation Access Control] ([ANSI 499], [NGAC]).

!! [RBAC vs ABAC]
The silly discussion of [RBAC vs ABAC].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]