NISTIR 90-4259 consists of three documents developed by the National Security Agency (NSA) as output from the Secure Data Network System (SDNS) project. The Access Control Concept Document, SDN.801, describes the principles and functions underlying the SDNS access control and authentication security services. It is a goal that the access control and authentication mechanisms designed by SDNS be adaptable to support a wide range of anticipated customer security policies.
The purpose of SDN.802, the Access Control Specification, is to provide a common basis from which devices implementing the access control service will be able to achieve interoperability. The document also identifies points of reference for users implementing the SDNS Security Protocols for Network, Transport, or Messaging. SDN.802 gives a functional description of the SDNS access control system and establishes a point of reference from which security protocols can make use of the access control service.
The SDN.802 specification also provides an overview of the Access Control Information Specification (ACIS). ACIS provides a uniform method for encoding access control information which is independent of any particular security policy. It also provides a standard algorithm for interpreting and comparing access control attributes.
The third document in this set, SDN.802/1, ACIS Addendum 1, is an extension of the ACIS discussion provided in section 5 of SDN. 802. It furnishes a detailed explanation of the capabilities, limitations, and implementation requirements for ACIS.
The access control documents of NISTIR 90-4259 support the security protocols addressed in NISTIR 90-4250 and the key management services covered in NISTIR 90-4262.
NISTIR 90-4259 consists of three documents developed by the National Security Agency (NSA) as output from the Secure Data Network System (SDNS) project. The Access Control Concept Document, SDN.801, describes the principles and functions underlying the SDNS access control and authentication security...
See full abstract
NISTIR 90-4259 consists of three documents developed by the National Security Agency (NSA) as output from the Secure Data Network System (SDNS) project. The Access Control Concept Document, SDN.801, describes the principles and functions underlying the SDNS access control and authentication security services. It is a goal that the access control and authentication mechanisms designed by SDNS be adaptable to support a wide range of anticipated customer security policies.
The purpose of SDN.802, the Access Control Specification, is to provide a common basis from which devices implementing the access control service will be able to achieve interoperability. The document also identifies points of reference for users implementing the SDNS Security Protocols for Network, Transport, or Messaging. SDN.802 gives a functional description of the SDNS access control system and establishes a point of reference from which security protocols can make use of the access control service.
The SDN.802 specification also provides an overview of the Access Control Information Specification (ACIS). ACIS provides a uniform method for encoding access control information which is independent of any particular security policy. It also provides a standard algorithm for interpreting and comparing access control attributes.
The third document in this set, SDN.802/1, ACIS Addendum 1, is an extension of the ACIS discussion provided in section 5 of SDN. 802. It furnishes a detailed explanation of the capabilities, limitations, and implementation requirements for ACIS.
The access control documents of NISTIR 90-4259 support the security protocols addressed in NISTIR 90-4250 and the key management services covered in NISTIR 90-4262.
Hide full abstract
