Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: David Ferraiolo (Fed)

Displaying 51 - 75 of 87

Specification of Attribute Relations for Access Control Policies and Constraints Using Policy Machine

August 23, 2010

Author(s)

Chung Tong Hu, David F. Ferraiolo, Serban I. Gavrila

Attribute relations in access control mechanisms or languages allow accurate and efficient specification of some popular access control models. However, most of the access control systems including today s de-facto access control protocol and specification

RBAC Standard Rationale: Comments on "A Critique of the ANSI Standard on Role Based Access Control"

December 12, 2007

Author(s)

David F. Ferraiolo, David R. Kuhn, R. Sandhu

[This is a response to comments on INCITS Standard 359-2004, Role Based Access Control. For original paper see Ninghui Li et al., IEEE Security & Privacy, vol. 5, no. 6, p.41, (2007).] Some notion of roles for access control predates the research papers

Decentralized Trust Domain Management in Multiple Grid Environments

November 25, 2007

Author(s)

Chung Tong Hu, Karen A. Scarfone, David F. Ferraiolo

Trust domain management for the global access of a grid is managed under centralized schema for most of the current grid architectures, which are designed based on the concept that there is only one grid for every grid member, therefore requiring central

Access Control Policy Combinations for the Grid Using the Policy Machine

May 14, 2007

Author(s)

Vincent C. Hu, David F. Ferraiolo, Karen A. Scarfone

Many researchers have tackled the architecture and requirements aspects of grid security, concentrating on the authentication or authorization mediation instead of authorization techniques, especially the topic of policy combination. Policy combination is

Role-Based Access Control, Second Edition

December 31, 2006

Author(s)

David F. Ferraiolo, David R. Kuhn, Ramaswamy Chandramouli

[ISBN-13: 978-1-59693-113-8] This newly revised edition of "Role-Based Access Control" offers the latest details on a security model aimed at reducing the cost and complexity of security administration for large networked applications. The second edition

Assessment of Access Control Systems

September 29, 2006

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn

Access control is perhaps the most basic aspect of computer security. Nearly all applications that deal with financial, privacy, safety, or defense include some form of access control. In many systems access control takes the form of a simple password

The Computational Complexity of Enforceability Validation for Generic Access Control Rules

June 14, 2006

Author(s)

Chung Tong Hu, David R. Kuhn, David F. Ferraiolo

In computer security, many researches have tackled on the possibility of a unified model of access control, which could enforce any access control policies within a single unified system. One issue that must be considered is the efficiency of such systems

The Role Control Center: Features and Case Studies

June 4, 2003

Author(s)

David F. Ferraiolo, Gail-Joon Ahn, Ramaswamy Chandramouli, Serban I. Gavrila

Role-based Access Control (RBAC) models have been implemented not only in self-contained resource management products such as DBMSs and Operating Systems but also in a class of products called Enterprise Security Management Systems (ESMS). ESMS products

The Policy Machine for Security Policy Management

July 17, 2001

Author(s)

Chung Tong Hu, Deborah A. Frincke, David F. Ferraiolo

Many different access controls policies and models have been developed to suit a variety of goals: these include Role-Based Access Control, One-directional Information Flow, Chinese Wall, Clark-Wilson, N-person Control, and DAC, in addition to more

A Method for Visualizing and Managing Role-Based Policies on Identity-Based Systems

July 27, 2000

Author(s)

David F. Ferraiolo, Serban I. Gavrila

In recent years, numerous commercial and experimental Role-Based Access Control (RBAC) implementations have emerged. Central to several of these RBAC systems are administrative facilities for displaying and managing user/role and role/privileges, and their

The NIST Model for Role-Based Access Control: Towards a Unified Standard

July 26, 2000

Author(s)

R. Sandhu, David F. Ferraiolo, D. Richard Kuhn

This paper describes a unified model for role-based access control (RBAC). RBAC is a proven technology for large-scale authorization. However, lack of a standard model results in uncertainty and confusion about its utility and meaning. The NIST model seeks

Securing Web Servers

September 21, 1999

Author(s)

Peter M. Mell, David F. Ferraiolo

This ITL Bulletin enumerates and describes techniques by which one can secure web servers. It categorizes the techniques into security levels to aid in their cost-effective application.

A Role-Based Access Control Model and Reference Implementation Within a Corporate Intranet

February 1, 1999

Author(s)

David F. Ferraiolo, John Barkley, David R. Kuhn

This paper describes NIST's enhanced RBAC model and our approach to designing and implementing RBAC features for networked Web servers. The RBAC model formalized in this paper is based on the properties that were first described in Ferraiolo and Kuhn [1992