Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Report on the Privilege (Access) Management Workshop



Annie W. Sokol


This document is based on the discussions and conclusions of the Privilege (Access) Management Workshop held on 1-3 September, 2009 at the Gaithersburg, Maryland facilities of the National Institute of Standards and Technology (NIST), sponsored by NIST and the National Security Agency (NSA). This document includes additional material resulting from in scope comments made by workshop participants and the public during the review periods for this document. An overview of the workshop is available in the published proceedings of the workshop.
NIST Interagency/Internal Report (NISTIR) - 7657
Report Number


access control, credential, eXtensible Access Control Markup Language, healthcare IT, Health Insurance Portability and Accountability Act, HIPAA, identity, privilege management, RAdAC, Risk-Adaptable Access Control, XACML


Sokol, A. (2010), A Report on the Privilege (Access) Management Workshop, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed May 24, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created March 30, 2010, Updated November 10, 2018