Fine-grained governance & security to your cloud data sources with ABAC
Blog post from Starburst
Starburst Galaxy has introduced attribute-based access control (ABAC) to enhance governance and security across cloud data sources, providing a more dynamic and flexible access control framework compared to traditional role-based access control (RBAC). ABAC allows organizations to define access rules based on a diverse set of attributes, including user roles, job titles, and contextual data, thus facilitating precise and real-time policy enforcement that aligns with business-driven data privacy policies. This approach supports the principle of least privilege (PoLP) by granting users only the necessary permissions for their tasks, thereby minimizing security risks. To implement ABAC in Starburst Galaxy, users must first tag their data assets, which involves creating a hierarchical tagging system that applies attributes to various data levels like catalogs, schemas, tables, and columns. These tags are then used to create policies that specify access privileges, potentially with expiration dates, to manage data access dynamically across complex enterprise environments.
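The tag-then-policy flow described above can be modelled as follows. This is an added example, not Starburst Galaxy's API or implementation; the object paths, tag names, roles, the downward inheritance of tags and the deny-overrides rule are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed sample: tags attached at catalog, schema and column level.
TAGS = {
    ("sales",): {"internal"},
    ("sales", "crm"): {"customer_data"},
    ("sales", "crm", "accounts", "email"): {"pii"},
}

@dataclass(frozen=True)
class Policy:
    role: str                           # subject attribute
    tag: str                            # data attribute the policy matches
    privilege: str                      # e.g. "select"
    effect: str = "allow"               # "allow" or "deny"
    expires: Optional[datetime] = None  # None means no expiry

# Constructed policies (hypothetical roles and dates).
POLICIES = [
    Policy("analyst", "customer_data", "select"),
    Policy("analyst", "pii", "select", effect="deny"),
    Policy("contractor", "customer_data", "select",
           expires=datetime(2025, 1, 1, tzinfo=timezone.utc)),
]

def effective_tags(path, tags=TAGS):
    # Assumption: an object carries its own tags plus those of every ancestor.
    found = set()
    for depth in range(1, len(path) + 1):
        found |= tags.get(tuple(path[:depth]), set())
    return found

def is_allowed(role, path, privilege, now, policies=POLICIES):
    # Least privilege: deny unless an unexpired allow matches and no deny does.
    tags = effective_tags(path)
    allowed = False
    for p in policies:
        if p.role != role or p.privilege != privilege or p.tag not in tags:
            continue
        if p.expires is not None and now >= p.expires:
            continue  # an expired policy no longer grants anything
        if p.effect == "deny":
            return False
        allowed = True
    return allowed
```

Untagged objects are unreachable in this model, which is why tagging has to come before any policy can grant access.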