Develop Access Control Rules
Jump to navigation
Jump to search
Go back |
---|
This article uses the business rules from the previous section to guide you through the process of codifying the rules in terms of NIEF Attributes.
The access control rules are written in terms of attributes requested and/or required. NIEF has three existing attribute bundles we recommend as a starting point for identifying attribute requirements:
- NIEF Mandatory Attributes - This attributes are critical to meet audit logging requirements of most service providers operating in NIEF.
- NIEF Highly Recommended - These attributes are in use within NIEF and are excellent candidates for use in new access control policies.
- NIEF Recommended - These attributes have some use in NIEF, and can be used in access control policies.
If the above attribute sets are insufficient, any user attribute within the registry can be used or an organization can collaborate with help@nief.org to define a new attribute.
Go back |
---|