U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

SP 800-205 (Draft)

Attribute Considerations for Access Control Systems

Date Published: February 2019
Comments Due: April 1, 2019 (public comment period is CLOSED)
Email Questions to: sp800-205-comments@nist.gov


Vincent Hu (NIST), David Ferraiolo (NIST), Richard Kuhn (NIST)


Draft SP 800-205 describes the attribute-influencing factors that an access control system must address when engineering and evaluating attributes. The document expands upon NIST SP 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, by proposing some notional implementation suggestions for consideration from the perspectives of fundamental security properties. It is intended to be a guide for federal agencies to attribute considerations with Attribute Evaluation Scheme examples for access control.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.



access control; access control mechanism; access control model; access control policy; attribute considerations; attribute; assurance; attribute-based access control (ABAC); authorization; privilege
Control Families

Access Control


SP 800-205 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
02/13/19: SP 800-205 (Draft)
06/18/19: SP 800-205 (Final)


Security and Privacy
access control