Need-To-Know Metadata

Need-To-Know Metadata

Chief Information Officer

IC Technical Specifications

Need-To-Know Metadata


This Data Encoding Specification (DES) defines the XML elements and attributes; associated structures and relationships; mandatory and cardinality requirements; and permissible values for representing NTK metadata associated with an information resource or part of an information resource using XML. NTK.XML can be incorporated into other Data Encoding Specifications.

NTK metadata facilitates automated systems making a “need-to-know” (NTK) access determination about an information resource. These metadata are used to represent the system-specific properties assigned to an information resource that will be used, in conjunction with information about the user, and possibly other information, to determine the user’s access to the data. A single information resource may include multiple occurrences of these metadata in order to specify NTK information according to multiple, different access systems.

Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.

This specification is maintained by the IC Chief Information Officer via the Data Coordination Activity (DCA) and Common Metadata Standards Tiger Team (CMSTT).

Technical Specification Downloads


Latest Approved Public Release:


Mission Requirements


Information sharing within the national intelligence enterprise frequently relies on being able to determine an individual’s NTK as one component in determining whether to allow access to data. The enterprise will increasingly rely on NTK metadata to allow users and systems to find and access a wide-range of data throughout the enterprise. A successful information sharing enterprise depends on the ability of data creators and or providers to specify means by which NTK can be established in a manner to facilitate discovery and access via automated means.


This DES provides a common specification for the means by which a data producer can encode, in their data, the information that an access system needs in order to determine how to grant access. This DES enables a comprehensive capability to appropriately protect data across the enterprise while also allowing access by individuals having appropriate NTK. The nature of the information to be encoded will vary system by system and could include lists of individuals or groups permitted access, descriptions of subject matter in terms defined by the access system, or other traits to be used in evaluating the access an individual has to the data.


This DES provides that common specification. Currently the particulars of any access system’s data needs are not defined. Details for specifying access information and documenting access parameters for particular access systems are to be added in the near future. The systems for which access information will be recorded and constrained will be expanded as their applicability’s are identified to the enterprise.