Date Published: February 2019
Comments Due: April 1, 2019
Email Comments to: email@example.com
Vincent Hu (NIST), David Ferraiolo (NIST), Richard Kuhn (NIST)
Draft SP 800-205 describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document expands upon NIST SP 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, by proposing some notional implementation suggestions for consideration from the perspectives of fundamental security properties. It is intended to be a guide for federal agencies to attribute considerations with Attribute Evaluation Scheme examples for access control.
NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
Keywords access control; access control mechanism; access control model; access control policy; attribute considerations; attribute; assurance; attribute-based access control (ABAC); authorization; privilege