David Ferraiolo

Publications

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical

Attribute Considerations for Access Control Systems

June 18, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn

Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

February 25, 2019

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical

Access Control for Emerging Distributed Systems

November 1, 2018

Author(s)

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo

As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of

A System for Centralized ABAC Policy Administration and Local ABAC Policy Decision and Enforcement in Host Systems using Access Control Lists

March 21, 2018

Author(s)

David F. Ferraiolo, Serban I. Gavrila, Gopi Katwala

We describe a method that centrally manages Attribute-Based Access Control (ABAC) policies and locally computes and enforces decisions regarding those policies

View more Publications

David Ferraiolo

Group Manager for Secure Systems and Applications Group, Computer Scientist

Publications