Email this Article Email   

CHIPS Articles: NIST Releases Attribute Metadata Guide to Support Authorization Policies and Evaluation

NIST Releases Attribute Metadata Guide to Support Authorization Policies and Evaluation
By CHIPS Magazine - February 5, 2018
The NIST 8112 Internal Report contains a metadata schema for attributes that may be asserted about an individual during an online transaction. The schema can be used by trusting parties to enrich access control policies, as well as during runtime evaluation of an individual’s ability to access protected resources.

Attribute metadata could also create an option for data sharing permissions and limitations on individual data elements, thus strengthening security. There are other possible applications of attribute metadata, such as evaluation and execution of business logic in decision support systems; however, the metadata contained in the report is focused on supporting an organization’s risk-informed authorization policies and evaluation.

Authors
Paul Grassi (NIST), Naomi Lefkovitz (NIST), Ellen Nadeau (NIST), Ryan Galluzzo (Deloitte & Touche), Abhiraj Dinh (Deloitte & Touche)

Publication: NISTIR 8112 (DOI)
Related NIST Publications: SP 800-162

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer