The term “information technology” is often forgotten. People think of IT and they think of the “tech” who will help fix their computer. But the primary role of information technology workers is to manage the flow of information or data. IT systems provide email, calendars, records, documentation, data storage and more—all of which are forms […]
The term “information technology” is often forgotten. People think of IT and they think of the “tech” who will help fix their computer. But the primary role of information technology workers is to manage the flow of information or data. IT systems provide email, calendars, records, documentation, data storage and more—all of which are forms of information.
Providing security to all of this data is done in large part via access control (AC), which includes managing user access to disparate systems and stores of data.
The National Institute of Standards and Technology (NIST) has developed a framework for AC called the Policy Machine (PM), which helps IT create an enterprise-wide operating environment that simplifies management, governance and data interoperability issues that plague AC administration today.
Although the PM is still considered an experimental implementation, you can read further about how it was developed and its capabilities in our IT Download, “Enabling an Enterprise-wide, Data-centric Operating Environment.”
In this document, you will learn about what NIST considers to be a Policy Machine:
Like most other AC mechanisms, the PM is comprised of: (1) AC data used to express access control policies and deliver capabilities of DSs to perform operations on objects; (2) a set of administrative operations for configuring the AC; and (3) a set of functions for enforcing policy on requests to execute operations on objects and for computing access decisions to accommodate or reject those requests based on the current state of the AC data.
Other information included in this download includes:
According to NIST, the PM is currently in “prototype implementation,” and will soon become an open source project for IT administrators to give AC a more integral role in their enterprise data management.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
