Simplifying Attribute-Based Access Control (ABAC) for Modern Enterprises

Authors

  • Dinesh Rajasekharan, Vellore Institute of Technology, India

DOI:

https://doi.org/10.32628/CSEIT251112332

Keywords:

Attribute-Based Access Control (ABAC), Granular Access Management, Context-Aware Security Policies, Zero Trust Architecture, Cloud-Native Security

Abstract

This article provides a comprehensive exploration of Attribute-Based Access Control (ABAC) and its growing importance in modern enterprise security. It begins by explaining the core principles and components of ABAC, contrasting it with traditional Role-Based Access Control (RBAC) to highlight its advantages in flexibility, granularity, and context-awareness. The article then delves into the practical aspects of implementing ABAC in organizations, discussing key steps such as assessing current systems, defining attributes, developing policies, and managing the transition. Real-world examples illustrate ABAC's application in securing cloud-native applications and managing access for dynamic workforce scenarios. The article also addresses challenges associated with ABAC implementation, including policy complexity, performance considerations, legacy system integration, and privacy concerns. Finally, it examines future trends in ABAC, such as its integration with artificial intelligence and machine learning, its role in zero-trust security models, and ongoing standardization efforts. Throughout, the article emphasizes ABAC's potential to revolutionize access management by enabling more nuanced, adaptive security policies that can better align with the complexities of modern enterprise environments.

Published

23-02-2025

Section

Research Articles

How to Cite

Simplifying Attribute-Based Access Control (ABAC) for Modern Enterprises. (2025). International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 11(1), 3140-3149. https://doi.org/10.32628/CSEIT251112332