Attribute-Based Access Control (ABAC) is a security model that grants or restricts access to resources based on attributes of users, resources, and the environment. These attributes can include user roles, department, time of access, and the sensitivity of the resource. This approach allows for more granular and flexible access control compared to traditional methods. In ABAC, policies define the rules for access based on these attributes. For example, a policy might allow only users in the Finance department to access certain financial documents during business hours. This dynamic method enhances security by ensuring that access is tailored to specific conditions and user characteristics.