They Wrote the Book on ABAC

Artech House has just published a book on Attribute Based Access Control, authored by Vincent Hu, David Ferraiolo, Ramaswamy Chandramouli and Richard Kuhn. These names will be familiar to anyone that has followed the history of research in ABAC or other models of access control. For our younger audience, as well as all interested parties, this book provides a great foundation on the topic and provides a view into the journey that the industry has taken over the last few decades. 

The authors were kind enough to share a draft copy with me and I was immediately impressed with both the introductory sections as well as the later sections that dig into the details of ABAC models. There is something here for architects, info security practitioners, developers, operations and management. A book project like this is a huge effort and will be very beneficial to the industry – many thanks to the authors taking on this challenge.

This comprehensive new resource provides an introduction to fundamental Attribute Based Access Control (ABAC) models. This book provides valuable information for developing ABAC to improve information sharing within organizations while taking into consideration the planning, design, implementation, and operation. It explains the history and model of ABAC, related standards, verification and assurance, applications, as well as deployment challenges.

Get your copy from Artech or Amazon today!

Related Articles

The one with all the authorization vendors | Dynamically Speaking
Dynamically Speaking
Does it feel as though everyone’s suddenly talking about authorization? We think so too and asked Axiomatics President & CCO Jim Barkdoll his thoughts on...
The one about identity-first security | Dynamically Speaking
Dynamically Speaking
Few have their finger on the pulse of all things Identity and Access Management (IAM) like Jackson Shaw, Chief Strategy Officer for Clear Skye. In...
The Log4j vulnerability – What you need to know
Customer Alerts
As many of you know, on December 9, 2021 the Apache Log4j vulnerability (CVE-2021-4422) was discovered, affecting somewhere between 0 and 3 billion-plus devices currently...