Standards Profiles Overview

The Defense Information Systems Agency (DISA) requested that NSA complete a series of standards profiles. These documents identify the mandatory features for the industry standard, based on the architectural context, and address secure interoperability with enterprise services offered by DISA. The profiles were developed with capabilities that are achievable today. DISA has included the profiles in the acquisition documentation for the Net-Centric Enterprise Services (NCES) Program, requiring that potential vendors comply with them. These standards were adopted to encourage and enable enterprise-wide interoperability, information exchange, and accessibility across networks, and to extend to business partners, stakeholders and the public.

Definitions [1]

Standards: Common and repeated use of rules, conditions, guidelines, or characteristics for products or related processes and production methods, and related management systems practices.

Standards Profiles: A compilation of standards citations that drive a specific program/project’s requirements. Rather than having each NSA/CSS program/project attempt to encompass all DOD mandates and other industry standards, the Standard Profile is a customized subset of these standards that apply to the effort’s unique operational, system, and technical “footprint.” In this manner, programs/projects will include the appropriate set of standards into their requirements baselines at key points in their life cycles.


SAML

This profile was created to establish guidance on the representation of SAML attribute-related transactions. This profile covers a standard means to express policies and attributes within the SAML construct. The profile seeks to articulate the means for defining the SAML attribute request and response within the NCES security services architecture.

WSSE

This profile was created to provide guidance on SOAP Message Security to be used when building Web Services (WS) service offerings as part of Service Oriented Architecture (SOA). The profile covers the collective requirements for SOAP Message Security to support digital signatures, encryption, and security tokens (all layer 6) within the context of the NCES Information Assurance (IA) subsystem.

XACML

This profile deals with access control and was created to provide guidance on the representation of authorization policies in the XACML policy language. The profile establishes a standard means of expressing policies and functions within the XACML construct used to support a Role-Based Access Control (RBAC) function within the context of the NCES IA subsystem.


[1] NSA/CSS Policy 10-11, dated 4 May 2006.
