Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-205 (DRAFT)

Attribute Considerations for Access Control Systems

Date Published: February 2019
Comments Due: April 1, 2019 (public comment period is CLOSED)
Email Questions to:

Withdrawn: June 18, 2019


Vincent Hu (NIST), David Ferraiolo (NIST), Richard Kuhn (NIST)


Draft SP 800-205 describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document expands upon NIST SP 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, by proposing some notional implementation suggestions for consideration from the perspectives of fundamental security properties. It is intended to be a guide for federal agencies to attribute considerations with Attribute Evaluation Scheme examples for access control.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



access control; access control mechanism; access control model; access control policy; attribute considerations; attribute; assurance; attribute-based access control (ABAC); authorization; privilege
Control Families

Access Control;


SP 800-205 (DRAFT) (DOI)
Local Download

Supplemental Material:
None available

Document History:
Draft SP 800-205 (2/13/19)
SP 800-205 (6/18/19)


Security and Privacy
access control