Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Attribute Considerations for Access Control Systems: NIST Publishes SP 800-205

NIST has published Special Publication 800-205, "Attribute Considerations for Access Control Systems."

Attribute-based access control systems rely upon enterprise-specific attributes to both define access control policy rules and enforce the access control. Confidence in access control decisions is dependent on the accuracy, integrity, and timely availability of attributes. Attributes must therefore be established, defined, and constrained by allowable values required by the relevant digital policies, and those shared across organizations should provide assurance.

NIST has published Special Publication (SP) 800-205, Attribute Considerations for Access Control Systemswhich describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document proposes some notional implementation suggestions for consideration from the perspectives of fundamental security properties: preparation, veracity, security, readiness, and management applied to access control systems. A general attribute framework with examples is demonstrated to show the importance and efficiency of the semantic and syntactic accuracies of attributes in federated access control environments, especially when natural language policies (NLP) are the initial policies. The discussed considerations are summarized to illustrate Attribute Evaluation Scheme examples, which are applied to different access control system requirements.

Released June 18, 2019, Updated June 19, 2019