ABAC stands for authorization-based access control. In this model, access is not granted based on the identity of the caller but by an authorizing agent that delegates access to a particular resource. Such authorization is then encapsulated in capabilities allowing them to be freely delegated.
Back in 2009, there has been talk about renaming "ABAC" to "ZBAC - AuthoriZation Based Access Control" - This article says "ZBAC" instead of ABAC to avoid confusion, supposedly with "ABAC - Attribute-Based-Access-Control"
See also IBAC.
External Links
- Computer Access Control on Wikipedia
- Access Control List on Wikipedia