summaryrefslogtreecommitdiff
path: root/abac.mdwn
blob: 41de2062b5c7f711113fd85f9dd056fa34d60468 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[[!meta copyright="Copyright © 2007, 2008 Free Software Foundation, Inc."]]

[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
id="license" text="Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no Invariant
Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
is included in the section entitled
[[GNU Free Documentation License|/fdl]]."]]"""]]

ABAC stands for authorization-based access control.
In this model, access is not granted based on the
identity of the caller but by an authorizing agent
that delegates access to a particular resource.
Such authorization is then encapsulated in
[[capabilities|capability]] allowing them to be freely [[delegated|delegation]].

See also [[IBAC]].