Intelligence Community Access Control

IC Only Access Control

Chief Information Officer

IC Technical Specifications

Intelligence Community Only Access Control


This XML Data Encoding Specification for Intelligence Community Only (ICO.ACES) defines detailed implementation guidance for providing access to ICO data. This specification profile is applicable to the Intelligence Community (IC) and information produced by, stored, or shared within the IC.

This is the first release of the specification and therefore provides no backward capability.
Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

The IC Chief Information Officer maintains this specification via the Data Coordination Activity (DCA) and Entity Specification Tiger Team (ESTT).


Technical Specification Downloads


Latest Approved Public Release:


Mission Requirements


This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community. Many of these requirements are articulated in IC policy:

  • Intelligence Community Information Technology Enterprise (IC ITE) Increment 1 Implementation Plan
  • Intelligence Community Directive (ICD) 501, Discovery and Dissemination or Retrieval of Information within the IC
  • Intelligence Community Standard (ICS) 500-21, Tagging of Intelligence and Intelligence-Related Information
  • Intelligence Community Directive (ICD) 208, Write for Maximum Utility
  • Intelligence Community Directive (ICD) 209, Tearline Production and Dissemination
  • Intelligence Community Policy Memorandum (ICPM) 2007-200-2, Preparing Intelligence to Meet the Intelligence Community’s Responsibility to Provide

 This specification includes design features that address:

  • Addresses the standardization of EA
  • Codifies mappings and combinational logic between data attributes and user/entity attributes to facilitate consistent enterprise-wide Boolean access decisions.
  • Defines both abstract and concrete guidance for making access control decisions. Addresses components of Control decision(s).
  • Addresses components of Control decision(s).