INCITS 565-2020

Information Technology - Next Generation Access Control (NGAC)

Next Generation Access Control (NGAC) is a reinvention of traditional access control into a form that suits the needs of the modern, distributed, interconnected enterprise. NGAC is designed to be scalable, support a wide range of access control policies, enforce different types of policies simultaneously, provide access control services for different types of resources, and remain manageable in the face change. NGAC follows an attribute-based construction in which characteristics or properties are used to control access to resources and to describe and manage policy. This standard specifies the architecture, security model, and interfaces of the NGAC framework necessary to ensure its realization in different types of implementation environments at a range of scalability levels and to obtain the requisite level of cohesion and functionality to operate correctly and effectively at the system level.