Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).
NIST Authors in Bold
|Author(s):||Tanya L. Brewer; Annie W. Sokol; Sheldon A. Durrant;|
|Title:||Proceedings of the Privilege Management Workshop, September 1-3, 2009|
|Published:||January 01, 2010|
|Abstract:||Privilege management is large and complex, often the source of heated debate and opinion, and fraught with widely-understood, yet ill-defined terminology and concepts. The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) sponsored the first Privilege Management Workshop at NIST's main campus in Gaithersburg, Maryland, September 1-3, 2009. The workshop was attended by approximately 120 people representing Executive branch Federal agencies, the private sector, and academia. The primary goal of this first workshop was to bring together a wide spectrum of individuals representing differing viewpoints, use cases, and organizational needs with the intent to reach a common understanding of several facets of this important area. This includes reaching consensus on the definition of privilege management and other terminology; understanding and analyzing the strengths and weaknesses of current and proposed access control models; ascertaining the current state of the practice and future research directions in privilege management; and understanding and articulating the managerial, legal, and policy requirements associated with privilege management.|
|Citation:||NIST Interagency/Internal Report (NISTIR) - 7665|
|Keywords:||access control, eXtensible Access Control Markup Language, healthcare IT, Health Insurance Portability and Accountability Act, HIPAA, privilege management, RAdAC, Risk-Adaptable Access Control, XACML|
|Research Areas:||Information Technology, Computer Security|
|PDF version:||Click here to retrieve PDF version of paper (89KB)|