IAM teams in the federal government are finding that Attribute Based Access Control is key to meeting regulatory and compliance requirements.
ABAC is an access control approach that is recommended by NIST and discussed in their Guide to Attribute Based Access Control (ABAC) Definition and Considerations (NIST Special Publication 800-162) document. With ABAC, the use of subject, environment, and resource attributes is virtually unlimited.
Instead of taking into account only role, other user attributes such as title, organization, geographic location, authentication information, and so forth can be used in conjunction with digital policies to make access control decisions.
This paper will explain how ABAC fits into an existing IAM framework for the federal government.