Need-To-Know Access Control Encoding Specification

Need to Know Access Control Encoding Specification

Chief Information Officer

IC Technical Specifications

Need to Know Access Control Encoding Specification



The Access Control Encoding Specification for Need-To-Know (NTK.ACES) defines implementation requirements for providing access to resources protected with NTK metadata. This ACES defines the combinational logic between data tags and user/entity attributes. This specification applies to the Intelligence Community (IC) and information produced by, stored, or shared within the IC.


This specification supports Executive Order (EO) 13526, Classified National Security Information which "prescribes a uniform system for classifying, safeguarding, and declassifying national security information," across national security disciplines, networks, services, and data.


This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).


Technical Specification Downloads


Latest Approved Public Release:


Mission Requirements


This specification is designed to fulfill a number of requirements in support of the transformational efforts of the Intelligence Community. Many of these requirements are articulated in IC Directives 208, 209, 500-20, 500-21, 501, 710, and ICPM- 2007-200-2 among others.


This specification supports common understanding and use of access control encoding for originator controlled mappings to enable overall information sharing strategies and policies of the IC as established in relevant law, policy, and directives.