Jeff.Krug: Created page with "{| !class="gfipmnav"|Go back |} This article uses the business rules from the previous section to g..."

2019-01-30T16:15:55Z

Created page with "{| !class="gfipmnav"|Go back |} This article uses the business rules from the previous section to g..."

New page

{|
!class="gfipmnav"|[[How to Develop a NIEF Information Sharing Plan for a Service Provider|Go back]]
|}

This article uses the business rules from the previous section to guide you through the process of codifying the rules in terms of [https://nief.org/attribute-registry/ NIEF Attributes].

The access control rules are written in terms of attributes requested and/or required. NIEF has three existing attribute bundles we recommend as a starting point for identifying attribute requirements:

* [https://nief.org/attribute-registry/bundles/NIEF-Mandatory/ NIEF Mandatory Attributes] - This attributes are critical to meet audit logging requirements of most service providers operating in NIEF.
* [https://nief.org/attribute-registry/bundles/NIEF-Highly-Recommended/ NIEF Highly Recommended] - These attributes are in use within NIEF and are excellent candidates for use in new access control policies.
* [https://nief.org/attribute-registry/bundles/NIEF-Recommended/ NIEF Recommended] - These attributes have some use in NIEF, and can be used in access control policies.

If the above attribute sets are insufficient, any [https://nief.org/attribute-registry/attributes/user/ user attribute within the registry] can be used or an organization can collaborate with [mailto:help@nief.org help@nief.org] to define a new attribute.

{|
!class="gfipmnav"|[[How to Develop a NIEF Information Sharing Plan for a Service Provider|Go back]]
|}

Develop Access Control Rules - Revision history

Jeff.Krug: Created page with "{| !class="gfipmnav"|Go back |} This article uses the business rules from the previous section to g..."