U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Attribute Considerations for Access Control Systems: Draft NIST SP 800-205 Available for Comment
February 13, 2019

Attribute-based access control systems rely upon enterprise-specific attributes to both define access control policy rules and enforce the access control. Confidence in access control decisions is dependent on the accuracy, integrity, and timely availability of attributes. Attributes must therefore be established, defined, and constrained by allowable values required by the relevant digital policies, and those shared across organizations should provide assurance.

NIST invites comments on Draft Special Publication (SP) 800-205, Attribute Considerations for Access Control Systemswhich describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document proposes some notional implementation suggestions for consideration from the perspectives of fundamental security properties: preparation, veracity, security, readiness, and management applied to access control systems. A general attribute framework with examples is demonstrated to show the importance and efficiency of the semantic and syntactic accuracies of attributes in federated access control environments, especially when natural language policies (NLP) are the initial policies. The discussed considerations are summarized to illustrate Attribute Evaluation Scheme examples, which are applied to different access control system requirements.

A public comment period for this document is open until April 1, 2019.


NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Related Topics

Security and Privacy: access control

Created February 12, 2019, Updated June 22, 2020