Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?
A.
Attributes based
B.
Implicit deny
C.
Role based
D.
Rule based
Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?
Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?
Oddly, the answer here wasn’t in any of the sources I used to study except wiki…
Attribute Based Access Control (ABAC); see NIST, http://csrc.nist.gov/publications/drafts/800-162/sp800_162_draft.pdf
“It represents a point in the space of logical access control that includes access control lists, role-based access control, and the ABAC method for providing access based on the evaluation of attributes.”
Attribute: ” … characteristics or attributes of a subject such as name, date of birth, home address, training record, and job function that may, either individually or when combined, comprise a unique identity that distinguishes that person from all others. These characteristics are often called subject attributes.”