Exploring the Next Generation of Access Control Methodologies

David F. Ferraiolo; Larry  Feldman; Gregory A. Witte

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Exploring the Next Generation of Access Control Methodologies

Published

November 22, 2016

Author(s)

David F. Ferraiolo, Larry Feldman, Gregory A. Witte

Abstract

This bulletin summarizes the information presented in NIST SP 800-178: A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications. The publication describes Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC), and then compares them with respect to five criteria. The goal of this publication is to help ABAC users and vendors make informed decisions when addressing future data service policy enforcement requirements.

Citation

ITL Bulletin -

NIST Pub Series

ITL Bulletin

Pub Type

NIST Pubs

Download Paper

Local Download

Keywords

access control, access control mechanism, access control model, access control policy, attribute based access control (ABAC), authorization, Extensible Access Control Markup Language (XACML), Next Generation Access Control (NGAC), privilege

Identity and access management

Created November 22, 2016, Updated February 28, 2017