NIST has published NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption. Access control based on attribute encryption addresses an issue with traditional public-key encryption (PKE) wherein keys need to dynamically change whenever access policies and/or attributes change, which could cause inefficient system performance.
Access control based on attribute encryption supports fine-grained access control for encrypted data and is a cryptographic scheme that goes beyond the all-or-nothing approach of public-key encryption. This document reviews the interplay between cryptography and the access control of attribute-based encryption, including the fundamental theories on which the scheme is based; the various main algorithms of IBE, CP-ABE, and KP-ABE; and considerations for deploying access control systems based on encryption.
