Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Search Publications by David Ferraiolo

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 40

Attribute Considerations for Access Control Systems

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn
Attribute-based access control systems rely upon attributes to not only define access control policy rules but also enforce the access control. Attributes need

Access Control for Emerging Distributed Systems

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo
As big data, cloud computing, grid computing, and the Internet of Things reshape current data systems and practices, IT experts are keen to harness the power of

Attribute Based Access Control

Chung Tong Hu, David F. Ferraiolo, Ramaswamy Chandramouli, David R. Kuhn
Until now, ABAC research has been documented in hundreds of research papers, but not consolidated in book form. This book explains ABAC's history and model

Policy Machine: Features, Architecture, and Specification

David F. Ferraiolo, Serban I. Gavrila, Wayne Jansen
The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of

An Access Control Scheme for Big Data Processing

Chung Tong Hu, Timothy Grance, David F. Ferraiolo, David R. Kuhn
Access Control (AC) systems are among the most critical of network security components. A system's privacy and security controls are more likely to be

On the Unification of Access Control and Data Services

David F. Ferraiolo, Serban I. Gavrila, Wayne Jansen
A primary objective of enterprise computing (via a data center, cloud, etc.) is the controlled delivery of data services (DS). Typical DSs include applications

A Matter of Policy

David F. Ferraiolo, Jeffrey M. Voas, George Hurlburt
This paper discusses system security policies. System policies are the set of rules that when implemented afford a strategy for the protection of information