Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publication Citation: Guide to Attribute Based Access Control (ABAC) Definition and Considerations

NIST Authors in Bold

Author(s): Chung Tong Hu; David F. Ferraiolo; David R. Kuhn; Adam Schnitzer; Kenneth Sandlin; Robert Miller; Karen Scarfone;
Title: Guide to Attribute Based Access Control (ABAC) Definition and Considerations
Published: January 16, 2014
Abstract: This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This document also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
Citation: Special Publication (NIST SP) - 800-162
Pages: 46 pp.
Keywords: ABAC, Access Control, Authorization, Privilege, Attributes, Policy
Research Areas: Federal Information Processing Standards
DOI: http://dx.doi.org/10.6028/NIST.SP.800-162