A history and how-to book about an increasingly popular control model, "Attribute-Based Access Control," was recently published by NIST. It describes the 40-year history of the access control model and the latest in a series of such models, according to a release.
The attribute-based access control (ABAC) model simplifies access management and reduces costs by granting or denying user requests based on attributes of the user and the object, and environment conditions. ABAC has attracted the interest of businesses, academia, and standards bodies because of its potential benefits, particularly the advantage of simplified authorization management. Due to its simplicity and cost savings potential, market penetration and adoption continues to grow for attribute-based access control systems, NIST said.
This publication explains attribute-based access control technology, history and models, related standards, verification and assurance, applications, and deployment challenges. It is intended for security professionals, technology managers, software developers, as well as computer science and IT students and instructors.
Download the publication: Attribute Based Access Control