CORE User Access Policy