Date Published: July 2011
Author(s)
Stephen Quirolgico (NIST), Vincent Hu (NIST), Tom Karygiannis (NIST)
The Access Control for SAR Systems (ACSS) project focused on developing a prototype privilege management system used to express and enforce policies for controlling access to Suspicious Activity Report (SAR) data within the law enforcement domain. This report details the work conducted for the ACSS project including the design, implementation and integration of distributed software components for rendering policy decisions, storing subject and resource data, and facilitating web-based retrieval of SAR records.
The Access Control for SAR Systems (ACSS) project focused on developing a prototype privilege management system used to express and enforce policies for controlling access to Suspicious Activity Report (SAR) data within the law enforcement domain. This report details the work conducted for the ACSS...
See full abstract
The Access Control for SAR Systems (ACSS) project focused on developing a prototype privilege management system used to express and enforce policies for controlling access to Suspicious Activity Report (SAR) data within the law enforcement domain. This report details the work conducted for the ACSS project including the design, implementation and integration of distributed software components for rendering policy decisions, storing subject and resource data, and facilitating web-based retrieval of SAR records.
Hide full abstract
Keywords
access control; law enforcement; policy; privilege management; SAR; Suspicious Activity Report; ABAC; XACML
Control Families
Access Control; System and Information Integrity