- csrc home
- news & events
This paper provides a good overview of the Policy Machine's ability to express and enforce policies and policy combinations. However, unlike Policy Machine's most recent specification, this paper activates attributes prior to mediating an access request and does not recognize obligations or prohibitions.
This paper describes the Policy Machine’s ability to unify data services and access control.
A good description of the PM's ability to support different types of policies without the need to activate attributes:
This draft IR is the most detailed Policy Machine specification:
High level slide briefing:
Certain software products are identified in this document. Such identification does not imply recommendation by NIST, nor does it imply that the products identified are necessarily the best available for the purpose..