This is a potential security issue, you are being redirected to https://csrc.nist.gov
Special Publications (SPs)
Security & Privacy
Laws & Regulations
Activities & Products
Computer Security Division
Applied Cybersecurity Division
A form of access control that uses an authorization policy that takes into account operational need, risk, and heuristics.
CNSSI 4009-2015 under risk adaptable access control (RAdAC)
In RAdAC, access privileges are granted based on a combination of a user’s identity, mission need, and the level of security risk that exists between the system being accessed and a user. RAdAC will use security metrics, such as the strength of the authentication method, the level of assurance of the session connection between the system and a user, and the physical location of a user, to make its risk determination.
NIST SP 800-95 under Risk-Adaptive Access Control (RAdAC)
(Department of Defense (DoD) Information Assurance (IA) and Computer Network Defense (CND) Strategies: A Comprehensive Review of Common Needs and Capability Gaps State-of-the-Art Report (SOAR) (21 July 2005 - TAT-06284 ) - (accessible from .mil and .gov domains only))
Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.
Comments about the glossary's presentation and functionality should be sent to firstname.lastname@example.org.
See NISTIR 7298 Rev. 3 for additional details.