Skip to main content

NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Published

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

Abstract

[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This document also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
Citation
Special Publication (NIST SP) - 800-162
Report Number
800-162

Keywords

access control, access control mechanism, access control model, access control policy, attribute based access control (ABAC), authorization, privilege.

Citation

, C. , Ferraiolo, D. , Kuhn, D. , Schnitzer, A. , Sandlin, K. , Miller, R. and Scarfone, K. (2019), Guide to Attribute Based Access Control (ABAC) Definition and Considerations, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-162 (Accessed October 3, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created August 2, 2019, Updated June 7, 2020
Was this page helpful?