Thank you for your interest in commenting on the draft NIST Cybersecurity Practice Guide, SP 1800-3: Attribute Based Access Control. Comments can be supportive or critical and may include suggestions of changes or additions that you believe will improve the project.
As you review and apply this example implementation to your own organization, we ask for you to share your feedback and experience. Some questions to consider as you review the document and provide feedback:
- If your organization is looking at improving cybersecurity by upgrading your access control infrastructure, did you find this guide useful?
- ABAC enables an organization to authorize access to information by evaluating attribute values, policy in rules, and the environmental context of the access request. Has this draft guide helped your organization understand how ABAC can improve cybersecurity by providing flexible and granular access to your data?
- Do you have suggestions or feedback concerning best practices to improve cybersecurity by implementing advanced authentication and authorization techniques?
You may submit comments through the form on this page. Or, to help coordinate comments within your organization, you may use this template to collect feedback and email the worksheet to firstname.lastname@example.org. Respondents can include the name of the person or organization filing the comment, which will allow us to contact you for clarity, if necessary. Anonymous comments will also be accepted.
Please note: all comments received are a part of the public record and will generally be included in the final document without change. All personal identifying information (for example, name and address) voluntarily submitted by the commenter may be publicly accessible. Please do not submit confidential business information or otherwise sensitive or protected information.
The comment period for this draft practice guide is open through October 20, 2017.