NIST SP 800-162 GUIDE TO ABAC
D
EFINITION AND CONSIDERATIONS
36
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-162
Appendix B — References
[ANSI359] InterNational Committee for Information Technology Standards, American National Standard
for Information Technology - Role Based Access Control, ANSI/INCITS 359-2012, American National
Standards Institute, New York, May 29, 2012, 56pp.
https://webstore.ansi.org/Standards/INCITS/INCITS3592012
.
[ANSI499] InterNational Committee for Information Technology Standards, Information technology -
Next Generation Access Control – Functional Architecture (NGAC–FA), ANSI/INCITS 499-2018,
American National Standards Institute, New York, January 30, 2018, 57pp.
[CGLO09] I. F. Cruz, R. Gjomemo, B. Lin, and M. Orsini, “A Constraint and Attribute Based Security
Framework for Dynamic Role Assignment in Collaborative Environments”, in Collaborative Computing:
Networking, Applications and Worksharing, Lecture Notes of the Institute for Computer Sciences, Social
Informatics and Telecommunications Engineering, vol. 10, 322-339 (2009).
https://doi.org/10.1007/978-
3-642-03354-4_24.
[FEDCIO1] Federal Chief Information Officers Council, Federal Identity, Credential, and Access
Management (FICAM) Roadmap and Implementation Guidance (Version 1.0). Office of Management and
Budget, Washington, D.C., November 10, 2009, 220pp.
[FEDCIO2] Federal Chief Information Officers Council, Federal Identity, Credential, and Access
Management (FICAM) Roadmap and Implementation Guidance (Version 2.0). Office of Management and
Budget, Washington, D.C., December 2, 2011, 478pp.
https://www.idmanagement.gov/wp-
content/uploads/sites/1171/uploads/FICAM_Roadmap_and_Implem_Guid.pdf.
[FK92] D. F. Ferraiolo and D. R. Kuhn, “Role-Based Access Controls,” in Proceedings of 15th NIST-
NCSC National Computer Security Conference, National Institute of Standards and Technology,
Gaithersburg, Maryland, 554-563 (1992).
https://csrc.nist.gov/publications/detail/conference-
paper/1992/10/13/role-based-access-controls.
[NIST7316] V. C. Hu, D. F. Ferraiolo, and D. R. Kuhn, Assessment of Access Control Systems, NISTIR
7316, National Institute of Standards and Technology, Gaithersburg, Maryland, September 2006, 60 pp.
https://doi.org/10.6028/NIST.IR.7316
.
[NIST7657] NIST/NSA Privilege (Access) Management Workshop Collaboration Team, A Report on the
Privilege (Access) Management Workshop, NISTIR 7657, National Institute of Standards and
Technology, Gaithersburg, Maryland, March 2010, 48 pp. https://doi.org/10.6028/NIST.IR.7657
.
[NIST7665] Proceedings of the Privilege Management Workshop, September 1-3, 2009, NISTIR 7665, S.
A. Durrant, T. Brewer, and A. Sokol, eds., National Institute of Standards and Technology,
Gaithersburg, Maryland, January 2010, 10 pp. https://doi.org/10.6028/NIST.IR.7665
.
[NIST7874] V. C. Hu, and K. Scarfone, Guidelines for Access Control System Evaluation Metrics,
NISTIR 7874, National Institute of Standards and Technology, Gaithersburg, Maryland, September 2012,
48pp. https://doi.org/10.6028/NIST.IR.7874
.
[NIST800-100] P. Bowen, J. Hash, and M. Wilson, Information Security Handbook: A Guide for
Managers, NIST Special Publication 800-100, National Institute of Standards and Technology,