Published: March 11, 2016
Author(s)
David Ferraiolo (NIST), Ramaswamy Chandramouli (NIST), Richard Kuhn (NIST), Vincent Hu (NIST)
Conference
Name: 2016 ACM International Workshop on Attribute Based Access Control (ABAC '16)
Dates: 03/11/2016
Location: New Orleans, Louisiana, United States
Citation: ABAC '16: Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control, pp. 13-24
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing and enforcing vastly diverse access control policies in support of various types of data services. The two standards differ with respect to the manner in which access control policies and attributes are specified and managed, and decisions are computed and enforced. This paper is presented as a consolidation and refinement of public draft National Institute of Technology (NIST) Special Publication (SP) 800-178, describing and comparing these two standards.
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing and enforcing vastly diverse access control...
See full abstract
Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing and enforcing vastly diverse access control policies in support of various types of data services. The two standards differ with respect to the manner in which access control policies and attributes are specified and managed, and decisions are computed and enforced. This paper is presented as a consolidation and refinement of public draft National Institute of Technology (NIST) Special Publication (SP) 800-178, describing and comparing these two standards.
Hide full abstract
Keywords
ABAC; XACML; NGAC; Policy Machine; access control
Control Families
Access Control