I am studying ABAC (Attribute Based Access Control), specifically for application in the context of access to digital evidence. Is there a document that gives an overview of step by step how to make ABAC policy, then how to implement and mechanism for testing of policy validation. Are there any tools that can be used for ABAC's purposes ?