Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology / Cybersecurity and privacy

Identity & Access Management

Search Publications

Search Title, Abstract, Conference, Citation, Keyword or Author

Title

Author

NIST Pub Series

Report Number

Published Date

Min

Max

Displaying 51 - 63 of 63

Pseudo-exhaustive Testing of Attribute Based Access Control Rules

August 4, 2016

Author(s)

David R. Kuhn, Chung Tong Hu, David F. Ferraiolo, Raghu N. Kacker, Yu Lei

Access control typically requires translating policies or rules given in natural language into a form such as a programming language or decision table, which can be processed by an access control system. Once rules have been described in machine

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)

March 11, 2016

Author(s)

David F. Ferraiolo, Ramaswamy Chandramouli, David R. Kuhn, Chung Tong Hu

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing

Interfaces for Personal Identity Verification [including updates as of 02-08-2016]

February 11, 2016

Author(s)

David Cooper, Hildegard Ferraiolo, Ketan Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler

[Superseded by SP 800-73pt1-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957973 SP 800-73pt2-5 (July 2024): https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957975 SP 800-73pt3-5 (July 2024): https://tsapps.nist.gov

Securing Interactive and Automated Access Management Using Secure Shell (SSH)

January 11, 2016

Author(s)

Murugiah P. Souppaya, Karen Scarfone, Larry Feldman

This bulletin summarizes the information presented in NISTIR 7966, "Security of Interactive and Automated Access Management Using Secure Shell (SSH)". The publication assists organizations in understanding the basics of SSH interactive and automated access

Stopping Malware and Unauthorized Software through Application Whitelisting

December 15, 2015

Author(s)

Adam Sedgewick, Murugiah Souppaya, Karen Scarfone, Larry Feldman

This bulletin summarizes the information presented in NIST Special Publication 800-167, "Guide to Application Whitelisting," written by Adam Sedgewick, Murugiah Souppaya and Karen Scarfone. The publication is intended to assist organizations in

A Profile for U. S. Federal Cryptographic Key Management Systems

October 28, 2015

Author(s)

Elaine B. Barker, Miles Smid, Dennis Branstad

This Profile for U. S. Federal Cryptographic Key Management Systems (FCKMSs) contains requirements for their design, implementation, procurement, installation, configuration, management, operation, and use by U. S. Federal organizations. The Profile is

Guide to Application Whitelisting

October 28, 2015

Author(s)

Adam Sedgewick, Murugiah Souppaya, Karen Scarfone

An application whitelist is a list of applications and application components that are authorized for use in an organization. Application whitelisting technologies use whitelists to control which applications are permitted to execute on a host. This helps

Policy Machine: Features, Architecture, and Specification

October 27, 2015

Author(s)

David F. Ferraiolo, Serban I. Gavrila, Wayne Jansen

The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability for existing access control mechanisms to enforce a

Security of Interactive and Automated Access Management Using Secure Shell (SSH)

October 15, 2015

Author(s)

Tatu Ylonen, Paul Turner, Karen Scarfone, Murugiah Souppaya

Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges, for a variety of reasons, including file transfers, disaster recovery, privileged access management, software and patch management

Implementing and Managing Policy Rules in Attribute Based Access Control

August 13, 2015

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Raghu N. Kacker, Yu Lei

Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today's dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of

Improved Security and Mobility Through Updated Interfaces for PIV Cards

July 21, 2015

Author(s)

Hildegard Ferraiolo, Larry Feldman, Gregory A. Witte

This bulletin summarizes the information presented in NIST SP 800-73-4: Interfaces for Personal Identity Verification and NIST SP 800-78-4: Cryptographic Algorithms and Key Sizes for Personal Identity Verification. SP 800-73-4 has been updated to align

Interfaces for Personal Identity Verification

May 29, 2015

Author(s)

David Cooper, Hildegard Ferraiolo, Ketan L. Mehta, Salvatore Francomacaro, Ramaswamy Chandramouli, Jason Mohler

[Superseded by SP 800-73-4 (May 2015, w/updates as of 2/8/2016): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=920323] FIPS 201 defines the requirements and characteristics of a government-wide interoperable identity credential. FIPS 201

An Access Control Scheme for Big Data Processing

November 11, 2014

Author(s)

Chung Tong Hu, Timothy Grance, David F. Ferraiolo, David R. Kuhn

Access Control (AC) systems are among the most critical of network security components. A system's privacy and security controls are more likely to be compromised due to the misconfiguration of access control policies rather than the failure of

Was this page helpful?