NIST logo

Publication Citation: Proceedings of the Privilege Management Workshop, September 1-3, 2009

NIST Authors in Bold

Author(s): Tanya L. Brewer; Annie W. Sokol; Sheldon A. Durrant;
Title: Proceedings of the Privilege Management Workshop, September 1-3, 2009
Published: January 01, 2010
Abstract: Privilege management is large and complex, often the source of heated debate and opinion, and fraught with widely-understood, yet ill-defined terminology and concepts. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) sponsored the first Privilege Management Workshop at NIST's main campus in Gaithersburg, Maryland, September 1-3, 2009. The workshop was attended by approximately 120 people representing Executive branch Federal agencies, the private sector, and academia. The primary goal of this first workshop was to bring together a wide spectrum of individuals representing differing viewpoints, use cases, and organizational needs with the intent to reach a common understanding of several facets of this important area. This includes reaching consensus on the definition of privilege management and other terminology; understanding and analyzing the strengths and weaknesses of current and proposed access control models; ascertaining the current state of the practice and future research directions in privilege management; and understanding and articulating the managerial, legal, and policy requirements associated with privilege management.
Citation: NIST Interagency/Internal Report (NISTIR) - 7665
Pages: 10 pp.
Keywords: access control; eXtensible Access Control Markup Language; healthcare IT; Health Insurance Portability and Accountability Act; HIPAA; privilege management; RAdAC; Risk-Adaptable Access Control; XACML
Research Areas: Information Technology, Computer Security
PDF version: PDF Document Click here to retrieve PDF version of paper (89KB)