what is the Attribute Based Access Control model?

Learn about ABAC, the security model underpinning archTIS’ products and services, and how it can be applied to your business needs.

the secure collaboration challenge

Globally, digital transformation has created new ways to work smarter and faster — anytime, anywhere. However, collaborating on and sharing sensitive or classified information introduces new risks and problems that must be solved.

A new threat vector has emerged with digital collaboration. Globally, careless or negligent employees and contractors account for 62% of insider security incidents, and malicious insiders 23%. Security that addresses insider threats and external threats is paramount for enterprises, government, defence industry, research, intelligence and supply chain collaboration.

 

Why Attribute Based Access Control?

Attribute Based Access Control (ABAC) is a security model that allows individuals to define rules to control who accesses information and under what conditions. This enables the right people to access the right information at the right time.

ABAC allows government, defence, and industry to safely share and collaborate on information and ensure that the conditions they set on access and sharing will be enforced.

The complete portfolio of archTIS solutions leverage a data-centric, attribute-based access control (ABAC) methodology to ensure the highest levels of data protection.

 

How Does it Work? 

The ABAC model applies attributes to things like documents and users. A dictionary of attributes are created to build precise access control policies. Here is a simplified example of ABAC applied to document sharing and collaboration.

The attribute of geography is applied to the document.
User attributes are defined based on department and clearance levels.

If all rules within the policy are not met, access is denied.

Example

The policy could read, “If User A has geography = Australia, Clearance = NV1 and Department = 1, access is granted.”

What is an attribute?

Attributes are the characteristics or values of a component. With ABAC, security is built around the combination of different user, environmental and resource attributes.

Here are some examples:

USER

  • Name
  • Nationality
  • Security Clearance
  • Organisation
  • Group

LOCATION

  • Country
  • State
  • Address

DEVICE

  • Name
  • MAC Address

  • Credentials

  • Classification

NETWORK

  • Name
  • Credential
  • Classification

DATA

  • Documents
  • Videos
  • Raw Data
  • Images

Applications of ABAC in Government, Defence and Industry

The ABAC methodology ensures secure information access and sharing across government and industry. Explore the applications below.

Government

ABAC helps governments to facilitate highly secure and productive interagency and multinational collaboration.

Defence

ABAC facilitates the granular level of control needed to protect the TOP SECRET and critical Defence work.

Financial Services

ABAC enables financial services organisations to better protect client information and ensure compliance at all levels.

Critical Infrastructure

ABAC helps facilitate secure collaboration for big and complex projects, for increased productivity.

Government Industry

ABAC helps facilitate trust between government and industry by providing a common standard for the security of information.

Defense Industry

ABAC helps Defence protect the nation’s most sensitive and classified information, across the supply chain.

Healthcare & Life Sciences

ABAC helps securely share sensitive information and intellectual property in the development of critical health and response services.

Legal

ABAC enforces a greater level of protection over confidential documents and data, to uphold important justice processes.