INCITS Forms Task Group for Role-Based Access Control Standards

December 8, 2005

The InterNational Committee for Information Technology Standards (INCITS) Cyber Security Technical Committee (CS1) established a task group to develop implementation requirements for applications to use Role-Based Access Control (RBAC).

The goal of the INCITS RBAC Task Group will be to develop a set of implementation requirements for applications such as financial services, health care and manufacturing based on the RBAC standard (INCITS 359-2004).

With RBAC, security permissions are managed by first assigning permissions to roles (e.g., doctor, nurse) and then assigning users to those roles.

The work is intended to promote interoperability among organizations employing RBAC as an access control model. The new INCITS CS1.1 task group will be responsible for the technical development of all RBAC related projects within CS1.

To participate in this standards development or to obtain additional details, contact Daniel Benigni at dbenigni@nist.gov or the INCITS CS1.1 RBAC Task Group Chair, Ed Coyne at ed.coyne@med.va.gov.

More information is available on the CS1 web site or the NIST RBAC web site .

Source: InterNational Committee for Information Technology Standards (INCITS).