XACML 101 – A quick intro to Attribute-based Access Control with XACML

Acronym XACML: eXtensible Access Control Markup Language. Highlights XACML: What’s ABAC? ABAC stands for attribute-based access control. It is a natural evolution from role-based access control which itself is a natural evolution from access control lists. Access Control History in a Nutshell Once upon a time, there were access control lists. Once a user authenticated, its identity was known and could be used in such lists. Think of clubs and VIP lists. If you appear on a VIP list, the bouncer (enforcer) will let you in. It doesn’t matter what your role in life is… Then someone realized that the right to do something (authorizations, entitlements…) should rather be linked to a role. Bus drivers can drive public transport buses. […]