Enterprises rely upon strong access control mechanisms to ensure that corporate resources (e.g. applications, networks, systems and data) are not exposed to anyone other than an authorized user. As business requirements change, enterprises need highly flexible access control mechanisms that can adapt. The application of attribute based policy definitions enables enterprises to accommodate a diverse set of business cases. This NCCoE building block will demonstrate a standards-based approach to attribute based access control (ABAC) that offers organizations the flexibility to easily accommodate permissions for different users, environments and conditions; centralized control of permissions; and an efficient way to share resources among partner organizations. This project will result in a freely available NIST Cybersecurity Practice Guide.
Enterprises rely upon strong access control mechanisms to ensure that corporate resources (e.g. applications, networks, systems and data) are not exposed to anyone other than an authorized user. As business requirements change, enterprises need highly flexible access control mechanisms that can...
See full abstract
Enterprises rely upon strong access control mechanisms to ensure that corporate resources (e.g. applications, networks, systems and data) are not exposed to anyone other than an authorized user. As business requirements change, enterprises need highly flexible access control mechanisms that can adapt. The application of attribute based policy definitions enables enterprises to accommodate a diverse set of business cases. This NCCoE building block will demonstrate a standards-based approach to attribute based access control (ABAC) that offers organizations the flexibility to easily accommodate permissions for different users, environments and conditions; centralized control of permissions; and an efficient way to share resources among partner organizations. This project will result in a freely available NIST Cybersecurity Practice Guide.
Hide full abstract