Attribute Metadata: A Proposed Schema for Evaluating Federated Attributes

Grassi, Paul; Lefkovitz, Naomi; Nadeau, Ellen; Galluzzo, Ryan; Dinh, Abhiraj

doi:https://doi.org/10.6028/NIST.IR.8112

NISTIR 8112

Attribute Metadata: A Proposed Schema for Evaluating Federated Attributes

Documentation Topics

Date Published: January 2018

Author(s)

Paul Grassi (NIST), Naomi Lefkovitz (NIST), Ellen Nadeau (NIST), Ryan Galluzzo (Deloitte & Touche), Abhiraj Dinh (Deloitte & Touche)

Abstract

This NIST Internal Report contains a metadata schema for attributes that may be asserted about an individual during an online transaction. The schema can be used by relying parties to enrich access control policies, as well as during runtime evaluation of an individual’s ability to access protected resources, and for an individual’s. Attribute metadata could also create the possibility for data sharing permissions and limitations on individual data elements. There are other possible applications of attribute metadata, such as evaluation and execution of business logic in decision support systems; however the metadata contained herein is focused on supporting an organization’s risk-informed authorization policies and evaluation.

Keywords

access control; assertions; attributes; attribute metadata; attribute values; attribute value metadata; authorization; federation; identity; identity federation; information security; metadata; privacy; risk; risk management; security; trust

Control Families

Identification and Authentication; Access Control

Documentation

Publication:
NISTIR 8112 (DOI)
Local Download

Supplemental Material:
None available

Related NIST Publications:
SP 800-162
SP 800-162
SP 800-162

Document History:
01/12/18: NISTIR 8112 (Final)

Topics

Security and Privacy
access authorization; access control; authentication; risk management