Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-205 (DRAFT)

Attribute Considerations for Access Control Systems

Date Published: February 2019
Comments Due: April 1, 2019
Email Comments to: sp800-205-comments@nist.gov

Author(s)

Vincent Hu (NIST), David Ferraiolo (NIST), Richard Kuhn (NIST)

Announcement

Draft SP 800-205 describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document expands upon NIST SP 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, by proposing some notional implementation suggestions for consideration from the perspectives of fundamental security properties. It is intended to be a guide for federal agencies to attribute considerations with Attribute Evaluation Scheme examples for access control.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

access control; access control mechanism; access control model; access control policy; attribute considerations; attribute; assurance; attribute-based access control (ABAC); authorization; privilege
Control Families

Access Control;

Documentation

Publication:
SP 800-205 (DRAFT) (DOI)
Local Download

Supplemental Material:
None available

Topics

Security and Privacy
access control