Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Overview and Considerations of Access Control Based on Attribute Encryption



Vincent C. Hu


Encryption technology can be incorporated into access control mechanisms based on user identities, user attributes, or resource attributes. Traditional public-key encryption requires different data to have different keys that can be distributed to users who satisfy perspective access control policies along with the encrypted version of the data. However, some distributed or pervasive system environments wish to avoid the public-key encryption's all-or-nothing data access limitation when considering their performance requirements. Attribute-based encryption incorporates access control policies and attributes with encryption and decryption functions and a one-to-many authorization scheme that requires fewer keys than public-key encryption. It also utilizes collusion-resistance, which provides a more efficient and flexible attribute-based access control mechanism that supports high-performance systems (e.g., cloud, IoT, disrupt-tolerant networks, wireless sensor networks, mobile ad-hoc networks, and public search service systems).
NIST Interagency/Internal Report (NISTIR) - 8450-upd1
Report Number


access control, attribute-based access control, attribute-based encryption, authorization, encryptions, identity-based encryption, public-key encryption.


Hu, V. (2023), Overview and Considerations of Access Control Based on Attribute Encryption, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed July 25, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created December 20, 2023