An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
https://www.nist.gov/people/david-ferraiolo
David Ferraiolo
Group Manager for Secure Systems and Applications Group, Computer Scientist
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of August 2, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need
Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone
[Includes updates as of February 25, 2019] This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical
As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of
David F. Ferraiolo, Serban I. Gavrila, Gopi Katwala
We describe a method that centrally manages Attribute-Based Access Control (ABAC) policies and locally computes and enforces decisions regarding those policies
Patent Description This is a method that centrally manages Attribute-Based Access Control (ABAC) policies and locally computes and enforces decisions over those policies on objects that are locally protected using Access Control Lists (ACLs). The method is as follows: Centrally express an ABAC
Patent Description The Policy Machine is an access control framework that served as the basis for the development of an American National Standards Institute (ANSI)/ the International Committee for Information Technology Standards (INCITS – the central U.S. forum dedicated to creating technology