This book presents a combination of technical and administrative instructions for the development of attribute-based access control (ABAC) to improve information sharing within organizations. It focuses in particularly on the planning, design, implementation and operation, and explains in depth the history and model of ABAC, its relationship with other access control models.
The book includes chapters on related standards, verification and assurance and deployment frameworks such as XACML. Researchers and implementers of these systems will also find an overview of Next Generation Access Model (NGAC), ABAC applications in SOA/workflow domains, ABAC architectures and details on feature sets in commercial and open source products.
Vincent C. Hu is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology (NIST). He received his Ph.D. in computer science from the University of Idaho in Moscow, Idaho, and his M.S.in computer science from Old Dominion University in Norfolk, Virginia. David F. Ferraiolo is currently the manager for the Secure Systems and Applications group of the Computer Security Division at the National Institute of Standards and Technology (NIST). He received his degrees in computer science and mathematics from SUNY Albany. Ramaswamy Chandramouli is a computer scientist at the National Institute of Standards and Technology (NIST).He received his Ph.D. in information security from George Mason University, his M.S. in operations research from the University of Texas at Dallas and his M.Tech. in industrial engineering and operations research from the Indian Institute of Technology, Bombay, India. Rick Kuhn is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology (NIST). He received his M.S. in computer science from the University of Maryland College Park and his MBA from the College of William and Mary.
Access Control Models and Approaches; Attribute Based Access Control; ABAC Deployment using XACML; Next Generation Access Control; ABAC Policy Verifications and Testing; Attribute Consideration; ABAC Deployments in Application Architectures; ABAC Life Cycle Issues (Considerations); ABAC in Commercial Products; Open Source ABAC Implementations- Architectures & Features.