Abstract :
A logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, and, in some cases, environmental conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes.
