David Ferraiolo

Publications

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 02, 2019

Author(s):

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where...

Attribute Considerations for Access Control Systems

June 18, 2019

Author(s):

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn

Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need...

Guide to Attribute Based Access Control (ABAC) Definition and Considerations [includes updates as of 02-25-2019]

February 25, 2019

Author(s):

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where...

Access Control for Emerging Distributed Systems

November 01, 2018

Author(s):

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo

As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power...

A System for Centralized ABAC Policy Administration and Local ABAC Policy Decision and Enforcement in Host Systems using Access Control Lists

March 21, 2018

Author(s):

David F. Ferraiolo, Serban I. Gavrila, Gopi Katwala

We describe a method that centrally manages Attribute-Based Access Control (ABAC) policies and locally computes and enforces decisions regarding those policies...