When it comes to securing access to services and data, we see many different use cases and, with that, the enforcement of authorization rules at different layers in the IT stack. This spans all the way from the Web/Presentation tier down to the data tier as illustrated in Figure 1.
Enforcing authorization directly at the data level is incredibly powerful as it could mean minimal or no changes to the applications that are accessing the data itself. The approach could be designed in such a way that, regardless of what application (web application, business analysis, etc.) is accessing the data, access is systematically controlled and consistently enforced. With this model, you can achieve tremendous leverage to cover many applications with a single ABAC integration at the data source.