Certificate Based Access Control (CBAC) Operation and User Guide

Applications that incorporate CBAC allow participating agencies to control their data based on role definitions and individual user attributes found in digital certification. By using policy-defined rule-sets, CBAC enables agencies to transcend the traditional username, login access control paradigm. CBAC permits need-to-know access to sensitive information, allows agencies to define policy-based rule-sets for access control, enables distributed access control for a federation of systems, enhances private networks by enabling varying levels of access, and decreases administrative time for information-sharing. CBAC has the following features: platform independent, configurable for an existing PKI infrastructure or set-up with internally signed certificates, standard interfaces, easy-to-use Web-based administrators page, rule-set templates, and rapid implementation with no impact to end-users. The report's section on CBAC's installation, configuration, and maintenance addresses minimum hardware, software, and functional requirements; installation instructions; configuration; maintenance; monitoring for system errors; shutdown; backup; and parameters and system configuration. The report's section on operating procedures provides instructions on starting CBAC and explains the various features of the CAPR (Certificate Access Preparation and Review Tool) main Web page. 9 figures and appended operator messages