Access Control Policy (Dictionary Entry)
Draft
Access Control Policy
Definitions
Definition 1
Related Terms
Quotes
Access control policies are high-level requirements that specify how access is managed and who, under what circumstances, may access what information. While access control policies can be application-specific and thus taken into consideration by the application vendor, policies are just as likely to pertain to user actions within the context of an organizational unit or across organizational boundaries. For instance, policies may pertain to resource usage within or across organizational units or may be based on need-to-know, competence, authority, obligation, or conflict-of-interest factors. Such policies may span multiple computing platforms and applications.
(NIST IR 7316, 2006, p. 4)
Bibliography
See Also
-
Access Control Policy (Dictionary Entry) (Dictionary)
-
Axiomatics Policy Server (Product) (Vendors)
-
NIST SP 800-162, 2014 (Bibliography)
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.
