U.S. flag

An official website of the United States government, Department of Justice.

Certificate Based Access Control (CBAC) Operation and User Guide

NCJ Number
210415
Date Published
April 2003
Length
22 pages
Agencies
NIJ-Sponsored
Grant Number(s)
2001-RD-R-061
Annotation
This report describes the installation, configuration, and maintenance, as well as operating procedures of the Certificate Based Access Control (CBAC) software system needed to provide security for integrated information systems capable of sharing data across agencies and jurisdictions.
Abstract
Applications that incorporate CBAC allow participating agencies to control their data based on role definitions and individual user attributes found in digital certification. By using policy-defined rule-sets, CBAC enables agencies to transcend the traditional username, login access control paradigm. CBAC permits need-to-know access to sensitive information, allows agencies to define policy-based rule-sets for access control, enables distributed access control for a federation of systems, enhances private networks by enabling varying levels of access, and decreases administrative time for information-sharing. CBAC has the following features: platform independent, configurable for an existing PKI infrastructure or set-up with internally signed certificates, standard interfaces, easy-to-use Web-based administrators page, rule-set templates, and rapid implementation with no impact to end-users. The report's section on CBAC's installation, configuration, and maintenance addresses minimum hardware, software, and functional requirements; installation instructions; configuration; maintenance; monitoring for system errors; shutdown; backup; and parameters and system configuration. The report's section on operating procedures provides instructions on starting CBAC and explains the various features of the CAPR (Certificate Access Preparation and Review Tool) main Web page. 9 figures and appended operator messages
Date Created: July 6, 2005