David Ferraiolo

Publications

Translating Natural Language Specifications into Access Control Policies by Leveraging Large Language Models

January 16, 2025

Author(s)

Sherifdeen Lawal, Xingmeng Zhao, Anthony Rios, Ram Krishnan, David Ferraiolo

This paper investigates the application of large language models (LLMs) for the automated translation and information extraction of access control policies from

An Infrastructure for Secure Data Sharing: A Clinical Data Implementation

May 15, 2024

Author(s)

Joanna DeFranco, Joshua Roberts, David Ferraiolo, Daniel Compton

Objective: To address database interoperability challenges to improve collaboration among disparate organizations. Materials and Methods: We developed a

Use Cases for Secure and Trusted Granular Data Sharing Among Disparate Databases

January 30, 2024

Author(s)

Joanna DeFranco, David Ferraiolo, Joshua Roberts, D. Richard Kuhn

Sharing data among disparate organizations can be extremely difficult, when the data comes from different database management systems (DBMS). Most problematic

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

March 15, 2021

Author(s)

Joanna DeFranco, David F. Ferraiolo, D. Richard Kuhn, Joshua D. Roberts

Sharing data between different organizations is a challenge primarily due to database management systems (DBMSs) being different types that impose different

A New Approach to Data Sharing and Distributed Ledger Technology: A Clinical Trial Use Case

February 16, 2021

Author(s)

David F. Ferraiolo, Joanna DeFranco, D. Richard Kuhn, Joshua D. Roberts

Distributed systems have always presented complex challenges, and technology trends are in many ways making the software designer's job more difficult. In

View more Publications

Patents (2018-Present)

Achieving Out-of-the-box Fine-Grained Marketing Sheet Thumbnail

Achieving Out-of-the-box Fine-Grained Access Control in Databases by enforcing and embedding Next Generation Access Control (m-NGAC) right in databases

NIST Inventors

Gopi Katwala and David Ferraiolo

m-NGAC brings a global solution for RDBMSs by enabling automatic installation of Next Generation Access Control (NGAC) directly into the database, offering out-of-the-box fine-grained database access control. NGAC facilitates building and storing Access control policies, which will be then accessed

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

NIST Inventors

David Ferraiolo and Gopi Katwala

An access control system for managing and enforcing an attribute based access control (ABAC) policy includes: a minimum ABAC implementation that produces a representation access control list in an ABAC policy system; and a local host system that produces a resource repository access control list in

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

NIST Inventors

David Ferraiolo and Gopi Katwala

Image of a spreadhsheet with some records

Next Generation Access Control System and Process for Controlling Database Access

NIST Inventors

Joshua Roberts , Gopi Katwala and David Ferraiolo

Provides a universal access control layer between applications and DBMSs, following a standardized ABAC model (NGAC*) that is a) DBMS-agnostic, b) does not require modification of the DBMS software, and c) can enforce types of access policies and at a granularity not typically available in database

View All Patents

David Ferraiolo (Fed)

Group Manager for Secure Systems and Applications Group, Computer Scientist

Publications

Translating Natural Language Specifications into Access Control Policies by Leveraging Large Language Models

An Infrastructure for Secure Data Sharing: A Clinical Data Implementation

Use Cases for Secure and Trusted Granular Data Sharing Among Disparate Databases

A Trusted Federated System to Share Granular Data Among Disparate Database Resources

A New Approach to Data Sharing and Distributed Ledger Technology: A Clinical Trial Use Case

Patents (2018-Present)

Achieving Out-of-the-box Fine-Grained Access Control in Databases by enforcing and embedding Next Generation Access Control (m-NGAC) right in databases

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

Access Control System and Process for Managing and Enforcing an Attribute Based Access Control Policy

Next Generation Access Control System and Process for Controlling Database Access