Does Cedar deserve its own Back? An argument can certainly be made that it combines RBAC and ABAC--slicing the data first with RBAC and then iterating with ABAC. However, Cedar's power also lies in its tight enforcement of schema, which enables developers to model security based on their exact entity model. To not define a new "BAC" for Cedar Based Access Control" wouldn't notify the community how revolutionary it really is.
