XpressRules-PM: Commercial Implementation of PM/NGAC

Award Information
Agency: Department of Commerce
Branch: National Institute of Standards and Technology
Contract: 70NANB18H180
Agency Tracking Number: 097-04-09 (PII)
Amount: $300,000.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: N/A
Solicitation Number: 2018-NIST-SBIR-02
Timeline
Solicitation Year: 2018
Award Year: 2018
Award Start Date (Proposal Award Date): 2018-07-19
Award End Date (Contract End Date): 2020-08-31
Small Business Information
9515 North Wieber Dr, Spokane, WA, 99208
DUNS: 079700695
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Ronald Turner
 (509) 467-0668
 Ron.Turner@XpressRules.com
Business Contact
 Ronald Turner
Phone: (509) 467-0668
Email: Ron.Turner@XpressRules.com
Research Institution
N/A
Abstract
New Generation Access Control (NGAC)—because of its “neutrality by design”—represents the most effective and scalable approach for deploying “smart” access control and consent solutions in large dynamic scenarios. NGAC however presents with its own problems: (1) it has miniscule recognition and uptake in the workplace, (2) it is unusable by non-technical policy officers and (3) its documentation and wider “infosphere” are very early-stage. XpressRules-PM is a natural language-based NGAC toolkit for (1) equipping non-technical stakeholders—in their own words—to deploy privacy and consent policies, (2) enabling an organization to configure the product to fit their environment instantly, repeatedly and without IT assistance, (3) exposing its policy store to logicchecking and analytics, and (4) applying NGAC’s Decision Algorithm to perform real-time “dispute resolution” in an IoT information blockchain. For healthcare XpressRules-PM facilitates a “longitudinal patient consent™” to accompany a longitudinal patient health record through its migration. NGAC retains the rich semantics of relationships between entities. The NGAC “family of standards” expresses this semantics abstractly with a directed acyclic graph (DAG). Therefore the most appropriate implementation of NGAC is graph-based, running on a NoSQL platform. Phase II specifies Neo4j initially, but its design will support any NoSQL database product.

* Information listed above is at the time of submission. *

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government