Promote and assure controlled, secure, and authorized sharing of information by recommending best practices for security guidelines, technologies, and procedures that meet the requirements for responsible and trusted information sharing in the applicable community of practice. Relevant context for this working group includes operational capability, exchange patterns, technical standards, technical capabilities, and exchange specifications. Defines key concepts around identity, access, and authorization of users to enable secure, authorized access to the right information at the right time. Addresses the following security implications for interoperability: proper security controls to ensure the protection of information as it is exchanged within and across security fabrics; access authorization controls to protect shared data assets; metadata to tag the data and describe its pedigree, lineage, source, timeliness, confidence, or other attributes associated with trust; and digital security rules, guidelines, and standards for securely exchanging data and services.