NIST announces the public comment release of NIST Special Publication 800-178, A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services. Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. The aim of both is to provide a standardized way for expressing and enforcing vastly diverse access control policies on various types of data services. However, the two standards differ with respect to the manner in which access control policies are specified, managed, and enforced. This document describes XACML and NGAC, and then compares them with respect to five criteria. The goal of this publication is to help ABAC users and vendors make informed decisions when addressing future data service policy enforcement requirements.
The specific areas where comments are solicited are:
- Accuracy in the description of the XACML and NGAC frameworks.
- Analysis
Deadline to submit comments is: January 15, 2016.
Email comments or questions to: sp800-178@nist.gov using the Comment Template included along with this announcement.
The "Type" codes for comment are:
- E - Editorial
- G - General
- T - Technical
