Editor’s Note: NIST’s Policy Machine website is available at http://csrc.nist.gov/pm/.
From: NIST
What is the Policy Machine?
Like most other AC [access control] mechanisms, the PM comprises: (1) AC data used to express access control policies and deliver capabilities of DSs to perform operations on objects; (2) a set of administrative operations for configuring the AC; and (3) a set of functions for enforcing policy on requests to execute operations on objects and for computing access decisions to accommodate or reject those requests based on the current state of the AC data.
What distinguish the PM from other mechanisms are the data elements and relations that define its AC data, the type of operations that are recognized, and the functions that it implements. These specifics are driven by a redefinition of AC and DSs in terms of what is believed to be their common and underlying elements, relations, and functions.
![Share on Facebook Facebook](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/facebook.png)
![Share on Twitter twitter](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/twitter.png)
![Share on Google+ google_plus](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/google_plus.png)
![Share on Reddit reddit](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/reddit.png)
![Pin it with Pinterest pinterest](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/pinterest.png)
![Share on Linkedin linkedin](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/linkedin.png)
![Share by email mail](https://www.thecre.com/fisma/wp-content/plugins/social-media-feather/synved-social/image/social/regular/96x96/mail.png)
Leave a Reply