Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)

Published

Author(s)

David F. Ferraiolo, Ramaswamy Chandramouli, David R. Kuhn, Chung Tong Hu

Abstract

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing and enforcing vastly diverse access control policies in support of various types of data services. The two standards differ with respect to the manner in which access control policies and attributes are specified and managed, and decisions are computed and enforced. This paper is presented as a consolidation and refinement of public draft NIST SP 800-178 [21], describing, and comparing these two standards.
Proceedings Title
ABAC'16: 2016 ACM International Workshop on Attribute Based Access Control Proceedings
Conference Dates
March 11, 2016
Conference Location
New Orleans, LA
Conference Title
1st ACM Workshop on Attribute Based Access Control

Keywords

ABAC, XACML, NGAC, Policy Machine, Access Control

Citation

Ferraiolo, D. , Chandramouli, R. , Kuhn, D. and , C. (2016), Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC), ABAC'16: 2016 ACM International Workshop on Attribute Based Access Control Proceedings, New Orleans, LA, [online], https://doi.org/10.1145/2875491.2875496 (Accessed May 25, 2022)
Created March 11, 2016, Updated November 10, 2018