The authorization framework that supports bothcoarse-grainedandfine-grainedauthorization isaccess control based on attributes. Attribute-based access control (ABAC) uses attributes (e.g., user roles, resource types, environmental conditions) to define policies that can range from broad (coarse-grained) to highly specific (fine-grained).
Option A: Incorrect. Role-based access control (RBAC) primarily supports coarse-grained authorization and lacks the flexibility for fine-grained control.
Option B: Incorrect. Access control based on lists and roles combines RBAC with access control lists but still lacks the granularity of ABAC.
Option C: Correct. Attribute-based access control (ABAC) supports both coarse-grained and fine-grained authorization by leveraging attributes to define dynamic and context-aware policies.
Option D: Incorrect. Policy-based access control is a broader term and may include ABAC, but it is not inherently designed for both coarse- and fine-grained authorization.
References:
SAP Customer Data Cloud - Authorization Frameworks
Attribute-Based Access Control (ABAC)
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit