U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

PUBLICATIONS

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Published

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

Abstract

[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes. This document also provides considerations for using ABAC to improve information sharing within organizations and between organizations while maintaining control of that information.
Citation
Special Publication (NIST SP) - 800-162
Report Number
800-162
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs
Supercedes Publication
Guide to Attribute Based Access Control (ABAC) Definition and Considerations
Superceded By Publication
Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Download Paper

Local Download

Keywords

access control, access control mechanism, access control model, access control policy, attribute based access control (ABAC), authorization, privilege.
Identity and access management and Cybersecurity
Created February 25, 2019, Updated October 31, 2019