An access control model that uses attributes of users, resources, and environment to make dynamic authorization decisions based on policies.
ABAC provides more granular and flexible access control than traditional role-based models, considering multiple attributes like time, location, device, and risk score. This dynamic approach helps prevent insider threats by automatically adjusting access based on changing risk factors.