Try the new and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

library / references

Primary Policy Machine References/Background:

This paper provides a good overview of the Policy Machine's ability to express and enforce policies and policy combinations. However, unlike Policy Machine's most recent specification, this paper activates attributes prior to mediating an access request and does not recognize obligations or prohibitions.

These papers describe the benefits and approach of the Policy Machine’s integration of Access Control and Data Services.

A good description of the PM's ability to support different types of policies without the need to activate attributes:

This white paper describes a method that leverages ANSI/INCITS Next Generation Access Control (NGAC) standard for imposing fine-grain access control over database queries independent of an application.

This NIST IR is the most detailed Policy Machine specification:

High level slide briefing:


Certain software products are identified in this document. Such identification does not imply recommendation by NIST, nor does it imply that the products identified are necessarily the best available for the purpose..