David Ferraiolo

Publications

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

March 15, 2021

Author(s)

Joanna DeFranco, David F. Ferraiolo, D. Richard Kuhn, Joshua D. Roberts

Sharing data between different organizations is a challenge primarily due to database management systems (DBMSs) being different types that impose different

A New Approach to Data Sharing and Distributed Ledger Technology: A Clinical Trial Use Case

February 16, 2021

Author(s)

David F. Ferraiolo, Joanna DeFranco, D. Richard Kuhn, Joshua D. Roberts

Distributed systems have always presented complex challenges, and technology trends are in many ways making the software designer's job more difficult. In

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical

Attribute Considerations for Access Control Systems

June 18, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David Kuhn

Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

February 25, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical

View more Publications

Patents (2018-Present)

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

NIST Inventors

David Ferraiolo and Gopi Katwala

An access control system for managing and enforcing an attribute based access control (ABAC) policy includes: a minimum ABAC implementation that produces a representation access control list in an ABAC policy system; and a local host system that produces a resource repository access control list in

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

NIST Inventors

David Ferraiolo and Gopi Katwala

Image of a spreadhsheet with some records

Next Generation Access Control System and Process for Controlling Database Access

NIST Inventors

Joshua Roberts , Gopi Katwala and David Ferraiolo

A computer-implemented method included: receiving, by an access manager, a query from a source; communicating the query from the access manager to a translator; translating the query into a next generation access control (NGAC) input; communicating the NGAC input to an NGAC engine, the NGAC engine

View All Patents

David Ferraiolo (Fed)

Group Manager for Secure Systems and Applications Group, Computer Scientist

Publications

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

A New Approach to Data Sharing and Distributed Ledger Technology: A Clinical Trial Use Case

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Attribute Considerations for Access Control Systems

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

Patents (2018-Present)

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

Next Generation Access Control System and Process for Controlling Database Access