Provides a universal access control layer between applications and DBMSs, following a standardized ABAC model (NGAC*) that is a) DBMS-agnostic, b) does not require modification of the DBMS software, and c) can enforce types of access policies and at a granularity not typically available in database