ABAC stands for authorization-based access control.
In this model, access is not granted based on the
identity of the caller but by an authorizing agent
that delegates access to a particular resource.
Such authorization is then encapsulated in
[[capabilities]] allowing them to be freely [[delegated]].

See also [[IBAC]].