You are here

XpressRules-PM: Commercial Implementation of PM/NGAC

Award Information
Agency: Department of Commerce
Branch: National Institute of Standards and Technology
Contract: 70NANB18H180
Agency Tracking Number: 097-04-09 (PII)
Amount: $300,000.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: N/A
Solicitation Number: 2018-NIST-SBIR-02
Solicitation Year: 2018
Award Year: 2018
Award Start Date (Proposal Award Date): 2018-07-19
Award End Date (Contract End Date): 2020-08-31
Small Business Information
9515 North Wieber Dr
Spokane, WA 99208
United States
DUNS: 079700695
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Ronald Turner
 (509) 467-0668
Business Contact
 Ronald Turner
Phone: (509) 467-0668
Research Institution

New Generation Access Control (NGAC)—because of its “neutrality by design”—represents the most effective and scalable approach for deploying “smart” access control and consent solutions in large dynamic scenarios. NGAC however presents with its own problems: (1) it has miniscule recognition and uptake in the workplace, (2) it is unusable by non-technical policy officers and (3) its documentation and wider “infosphere” are very early-stage. XpressRules-PM is a natural language-based NGAC toolkit for (1) equipping non-technical stakeholders—in their own words—to deploy privacy and consent policies, (2) enabling an organization to configure the product to fit their environment instantly, repeatedly and without IT assistance, (3) exposing its policy store to logicchecking and analytics, and (4) applying NGAC’s Decision Algorithm to perform real-time “dispute resolution” in an IoT information blockchain. For healthcare XpressRules-PM facilitates a “longitudinal patient consent™” to accompany a longitudinal patient health record through its migration. NGAC retains the rich semantics of relationships between entities. The NGAC “family of standards” expresses this semantics abstractly with a directed acyclic graph (DAG). Therefore the most appropriate implementation of NGAC is graph-based, running on a NoSQL platform. Phase II specifies Neo4j initially, but its design will support any NoSQL database product.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government