The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation's measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL's responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in federal computer systems. This Special Publication 500-series reports on ITL's research, guidance, and outreach efforts in Information Technology and its collaborative activities with industry, government, and academic organizations.
This document includes additional material resulting from in-scope comments made by workshop participants and the public during the review periods for this document. An overview of the workshop is available in the published proceedings of the workshop. [NISTIR 7665-Proceedings of the Privilege Management Workshop, September 1-3, 2009] Participants at the workshop generally agreed that access management is the umbrella under which to consider privilege management. At the same time, many workshop participants felt that the term "privilege management" was not needed at all, since all aspects of the discussions held in the various tracks could be described without use of the term. Yet, the term "privilege management" was being used in several contexts, with differing meanings, and there was a strong desire to clarify its meaning. Contributing to the reason to use the term was the definition of "privilege management" that appeared in the draft document 1 produced by the Identity, Credential, and Access Management (ICAM) Subcommittee just months earlier [FICAM-09-Federal Identity, Credential, and Access Management.] That proposed definition seemed to be closely related to the area being examined at the workshop. Also, the view of privilege management expressed in this document generally aligns with the architectural and service framework for privilege management presented in the FICAM document. Both the FICAM document and this report treat privilege management as a subset of access management. The results of the workshop, as described in this report, show that the central topic of the workshop turned out to be attribute and policy management. Whether attribute and policy management should be called "privilege management" is an open question at this point. Looking at the definitions of "privilege management" in the FICAM document and in this report, it appears that they address different levels of concern in the area of identity, credential, and access management. The FICAM definition appears to view privilege management as a governance and business process, while this report's definition focuses on computer-based management of attributes and policies. As the reader can easily discover, it is possible to substitute "attribute and Table of Contents Introduction.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.