{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,11]],"date-time":"2026-07-11T16:49:14Z","timestamp":1783788554066,"version":"3.55.0"},"publisher-location":"New York, NY, USA","reference-count":20,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,3,11]],"date-time":"2016-03-11T00:00:00Z","timestamp":1457654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,3,11]]},"DOI":"10.1145\/2875491.2875496","type":"proceedings-article","created":{"date-parts":[[2016,3,8]],"date-time":"2016-03-08T14:13:39Z","timestamp":1457446419000},"page":"13-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":88,"title":["Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)"],"prefix":"10.1145","author":[{"given":"David","family":"Ferraiolo","sequence":"first","affiliation":[{"name":"NIST, Gaithersburg, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ramaswamy","family":"Chandramouli","sequence":"additional","affiliation":[{"name":"NIST, Gaithersburg, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rick","family":"Kuhn","sequence":"additional","affiliation":[{"name":"NIST, Gaithersburg, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Vincent","family":"Hu","sequence":"additional","affiliation":[{"name":"NIST, Gaithersburg, MD, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2016,3,11]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"American National Standard for Information Technology","author":"CITS","year":"2004","unstructured":"Information technology -- Role-Based Access Control (RBAC), IN CITS 359--2004 , American National Standard for Information Technology , American National Standards Institute , 2004 . Information technology -- Role-Based Access Control (RBAC), INCITS 359--2004, American National Standard for Information Technology, American National Standards Institute, 2004."},{"key":"e_1_3_2_1_2_1","volume-title":"American National Standard for Information Technology","author":"CITS","year":"2013","unstructured":"Information technology - Next Generation Access Control - Functional Architecture (NGAC-FA), IN CITS 499--2013 , American National Standard for Information Technology , American National Standards Institute , March 2013 . Information technology - Next Generation Access Control - Functional Architecture (NGAC-FA), INCITS 499--2013, American National Standard for Information Technology, American National Standards Institute, March 2013."},{"key":"e_1_3_2_1_4_1","first-page":"206","volume-title":"The Chinese Wall Security Policy,\" 1989 IEEE Symposium on Security and Privacy","author":"Brewer F.C.","year":"1989","unstructured":"D. F.C. Brewer and M.J. Nash , \" The Chinese Wall Security Policy,\" 1989 IEEE Symposium on Security and Privacy , Oakland, California, USA , May 1--3, 1989 , pp. 206 -- 214 . http:\/\/dx.doi.org\/10.1109\/SECPRI.1989.36295 {accessed 11\/15\/15} 10.1109\/SECPRI.1989.36295 D.F.C. Brewer and M.J. Nash, \"The Chinese Wall Security Policy,\" 1989 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 1--3, 1989, pp. 206--214. http:\/\/dx.doi.org\/10.1109\/SECPRI.1989.36295 {accessed 11\/15\/15}"},{"key":"e_1_3_2_1_5_1","volume-title":"Trusted Computer System Evaluation Criteria (December","author":"DoD Computer Security Center","year":"1985","unstructured":"DoD Computer Security Center , Trusted Computer System Evaluation Criteria (December 1985 ). DoD Computer Security Center, Trusted Computer System Evaluation Criteria (December 1985)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1063979.1063982"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2010.04.005"},{"key":"e_1_3_2_1_8_1","volume-title":"National Institute of Standards and Technology (NIST) IR-7987 Revision 1, \"Policy Machine: Features, Architecture, and Specification","author":"Ferraiolo D.","year":"2015","unstructured":"D. Ferraiolo , S. Gavrila , and W. Jansen , National Institute of Standards and Technology (NIST) IR-7987 Revision 1, \"Policy Machine: Features, Architecture, and Specification ,\" October 2015 . http:\/\/nvlpubs.nist.gov\/nistpubs\/ir\/2015\/NIST.IR.7987r1.pdf D. Ferraiolo, S. Gavrila, and W. Jansen, National Institute of Standards and Technology (NIST) IR-7987 Revision 1, \"Policy Machine: Features, Architecture, and Specification,\" October 2015. http:\/\/nvlpubs.nist.gov\/nistpubs\/ir\/2015\/NIST.IR.7987r1.pdf"},{"key":"e_1_3_2_1_9_1","first-page":"450","volume-title":"IEEE 15th International Conference of Information Reuse and Integration, 2014","author":"Ferraiolo D.","year":"2014","unstructured":"D. Ferraiolo , S. Gavrila , and W. Jansen , \" On the Unification of Access Control and Data Services,\" in Proc . IEEE 15th International Conference of Information Reuse and Integration, 2014 , pp. 450 -- 457 . http:\/\/csrc.nist.gov\/pm\/documents\/ir 2014 _ferraiolo_final.pdf D. Ferraiolo, S. Gavrila, and W. Jansen, \"On the Unification of Access Control and Data Services,\" in Proc. IEEE 15th International Conference of Information Reuse and Integration, 2014, pp. 450--457. http:\/\/csrc.nist.gov\/pm\/documents\/ir2014_ferraiolo_final.pdf"},{"key":"e_1_3_2_1_10_1","first-page":"296","volume-title":"Proc. National Computer Security Conference","author":"Graubart R.","year":"1989","unstructured":"R. Graubart , On the need for a third form of access control , in: Proc. National Computer Security Conference , 1989 , pp. 296 -- 304 . R. Graubart, On the need for a third form of access control, in: Proc. National Computer Security Conference, 1989, pp. 296--304."},{"key":"e_1_3_2_1_11_1","volume-title":"National Institute of Standards and Technology (NIST) Interagency Report (IR) 7316, \"Assessment of Access Control Systems","author":"Hu V.C.","year":"2006","unstructured":"V.C. Hu , D.F. Ferraiolo , and D.R. Kuhn , National Institute of Standards and Technology (NIST) Interagency Report (IR) 7316, \"Assessment of Access Control Systems ,\" September 2006 . http:\/\/csrc.nist.gov\/publications\/nistir\/7316\/NISTIR-7316.pdf V.C. Hu, D.F. Ferraiolo, and D.R. Kuhn, National Institute of Standards and Technology (NIST) Interagency Report (IR) 7316, \"Assessment of Access Control Systems,\" September 2006. http:\/\/csrc.nist.gov\/publications\/nistir\/7316\/NISTIR-7316.pdf"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCGRID.2007.15"},{"key":"e_1_3_2_1_13_1","volume-title":"Guide to Attribute Based Access Control (ABAC) Definition and Considerations","author":"Hu V. C.","year":"2014","unstructured":"V. C. Hu , D. Ferraiolo , R. Kuhn , A. Schnitzer , K. Sandlin , R. Miller , and K. Scarfone , National Institute of Standards and Technology (NIST) SP-800--162 , Guide to Attribute Based Access Control (ABAC) Definition and Considerations , January 2014 . http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800--162.pdf V. C. Hu, D. Ferraiolo, R. Kuhn, A. Schnitzer, K. Sandlin, R. Miller, and K. Scarfone, National Institute of Standards and Technology (NIST) SP-800--162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations, January 2014. http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800--162.pdf"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/968559.968563"},{"key":"e_1_3_2_1_15_1","volume-title":"Fort George G. Meade","year":"1987","unstructured":"Guide to Understanding Discretionary Access Control in Trusted Systems, NCSC-TG-003, Version-1 , National Computer Security Center , Fort George G. Meade , USA , September 30, 1987 , 29 pp. http:\/\/csrc.nist.gov\/publications\/secpubs\/rainbow\/tg003.txt Guide to Understanding Discretionary Access Control in Trusted Systems, NCSC-TG-003, Version-1, National Computer Security Center, Fort George G. Meade, USA, September 30, 1987, 29 pp. http:\/\/csrc.nist.gov\/publications\/secpubs\/rainbow\/tg003.txt"},{"key":"e_1_3_2_1_16_1","unstructured":"XACML Profile for Role Based Access Control (RBAC) Committee Draft 01 February 2004.  XACML Profile for Role Based Access Control (RBAC) Committee Draft 01 February 2004."},{"key":"e_1_3_2_1_17_1","volume-title":"January 22","year":"2013","unstructured":"The eXtensible Access Control Markup Language (XACML), Version 3.0 , OASIS Standard , January 22 , 2013 . http:\/\/docs.oasis-open.org\/xacml\/3.0\/xacml-3.0-core-spec-os-en.pdf The eXtensible Access Control Markup Language (XACML), Version 3.0, OASIS Standard, January 22, 2013. http:\/\/docs.oasis-open.org\/xacml\/3.0\/xacml-3.0-core-spec-os-en.pdf"},{"key":"e_1_3_2_1_18_1","volume-title":"December","author":"Economic 0","year":"2010","unstructured":"201 0 Economic Analysis of Role-Based Access Control, RTI Number 0211876 , Research Triangle Institute , December 2010 . 2010 Economic Analysis of Role-Based Access Control, RTI Number 0211876, Research Triangle Institute, December 2010."},{"key":"e_1_3_2_1_19_1","volume-title":"Proc. New Security Paradigms Workshop","author":"Simon R.","year":"1997","unstructured":"R. Simon , M. Zurko, Separation of duty in role based access control environments , Proc. New Security Paradigms Workshop , 1997 . R. Simon, M. Zurko, Separation of duty in role based access control environments, Proc. New Security Paradigms Workshop, 1997."},{"key":"e_1_3_2_1_20_1","volume-title":"American National Standard for Information Technology","author":"CITS","unstructured":"Information technology -- Next Generation Access Control -- Generic Operations and Data Structures, IN CITS 526 , American National Standard for Information Technology , American National Standards Institute , to be published. Information technology -- Next Generation Access Control -- Generic Operations and Data Structures, INCITS 526, American National Standard for Information Technology, American National Standards Institute, to be published."},{"key":"e_1_3_2_1_21_1","volume-title":"A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services","author":"Ferraiolo D. F.","year":"2015","unstructured":"D. F. Ferraiolo , R. Chandramouli , V. Hu , and R. Kuhn , National Institute of Standards and Technology DRAFT (NIST) SP-800--178 , A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services , December 2015 . http:\/\/csrc.nist.gov\/publications\/drafts\/800178\/sp800_178_draft.pdf D. F. Ferraiolo, R. Chandramouli, V. Hu, and R. Kuhn, National Institute of Standards and Technology DRAFT (NIST) SP-800--178, A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services, December 2015. http:\/\/csrc.nist.gov\/publications\/drafts\/800178\/sp800_178_draft.pdf"}],"event":{"name":"CODASPY'16: Sixth ACM Conference on Data and Application Security and Privacy","location":"New Orleans Louisiana USA","acronym":"CODASPY'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2875491.2875496","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2875491.2875496","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:39:18Z","timestamp":1750221558000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2875491.2875496"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,3,11]]},"references-count":20,"alternative-id":["10.1145\/2875491.2875496","10.1145\/2875491"],"URL":"https:\/\/doi.org\/10.1145\/2875491.2875496","relation":{},"subject":[],"published":{"date-parts":[[2016,3,11]]},"assertion":[{"value":"2016-03-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}