Which of the following is the BEST description of attribute-based access control (ABAC)?
-
A
Access is granted based solely on the user's role within the organization
-
B
Access decisions are made using multiple attributes of the user, resource, and environment
-
C
Access is determined by the data owner who sets permissions on each object
-
D
Access is controlled entirely by system-enforced security labels