ABAC
ABAC (Attribute-Based Access Control) decides access from attributes of the user, resource and context, not from a role alone.
In ABAC, access is granted by rules that evaluate attributes: the department and position of the employee, the type and owner of a document, the time and other conditions. It is more flexible than RBAC and can express fine-grained policies such as “a manager sees data for their own team only”.