Question
A large multinational company uses a cloud-based document storage system. The system provides access to documents by considering a combination of factors: the user's department, geographic location, the document's sensitivity level, and the current date and time. What access control technique evaluates a set of attributes that each subject possesses to determine if access should be granted?
Answers
GPT-4o mini
The access control technique that evaluates a set of attributes that each subject possesses to determine if access should be granted is called **Attribute-Based Access Control (ABAC)**.
In ABAC, access rights are granted based on attributes (which can include user attributes, resource attributes, and environment conditions) rather than solely on roles or permissions. The system considers the user's department, geographic location, the document's sensitivity level, and additional context, such as the current date and time, to make access decisions. This flexibility allows for more granular and dynamic access control compared to traditional models like Role-Based Access Control (RBAC).
In ABAC, access rights are granted based on attributes (which can include user attributes, resource attributes, and environment conditions) rather than solely on roles or permissions. The system considers the user's department, geographic location, the document's sensitivity level, and additional context, such as the current date and time, to make access decisions. This flexibility allows for more granular and dynamic access control compared to traditional models like Role-Based Access Control (RBAC).