What is Abstraction in Security?
Abstraction is a protection mechanism concept that provides efficiency. It allows something that is complex to be represented in a simple manner.
An example of abstraction is having all employees in an organization be classified into groups. After they are classified into groups, each group is assigned security controls, restrictions, or permissions. The accounting department would have access to all things accounting such as payroll. It wouldn’t make sense for the Engineering department to also be in the same group as the accounting department.
Abstraction simplifies security by enabling organizations to assign security controls to a group of objects collected by type or function.