A company wants to provide access to specific schema fields in a sandbox to various internal teams based on their functions. What is the primary attribute of attribute-based access control (ABAC) feature which can be used to manage access to these specific schema fields?
In Adobe Real-Time CDP, Attribute-Based Access Control (ABAC) is a powerful governance feature that allows for granular control over who can view specific data at the field level. The primary mechanism used to drive this functionality is Access Labels (Option A).
Access labels are metadata tags applied directly to XDM schema fields or datasets. These labels categorize data based on its sensitivity or functional purpose (e.g., 'PII,' 'Financial,' or 'Regional'). Once a field is tagged with an access label, the platform's Permissions system uses Policies to evaluate whether a user's assigned role has the authority to view data associated with that specific label. If a user belongs to a functional team that lacks the corresponding permission for a 'Sensitive' label, the data in those specific schema fields will be masked or completely hidden from them throughout the platform UI, including the Profile viewer and Query Service.
Options B, C, and D are not recognized technical terms or primary attributes within the Adobe Experience Platform ABAC framework. While 'Access Profiles' might exist in general security terminology, AEP specifically utilizes Roles and Policies tied to Labels. By leveraging Access Labels, a company can ensure that internal teams---such as a support team or a regional marketing group---only see the data necessary for their specific business function, maintaining strict data privacy and security compliance.
Currently there are no comments in this discussion, be the first to comment!