NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.
Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.
An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Exploring the Next Generation of Access Control Methodologies
Published
Author(s)
David Ferraiolo, Larry Feldman, Greg Witte
Abstract
This bulletin summarizes the information presented in NIST SP 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications. The publication describes Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC), and then compares them with respect to five criteria. The goal of this publication is to help ABAC users and vendors make informed decisions when addressing future data service policy enforcement requirements.
access control, access control mechanism, access control model, access control policy, attribute based access control (ABAC), authorization, Extensible Access Control Markup Language (XACML), Next Generation Access Control (NGAC), privilege
Ferraiolo, D.
, Feldman, L.
and Witte, G.
(2016),
Exploring the Next Generation of Access Control Methodologies, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=922332
(Accessed October 2, 2025)