U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: D. Richard Kuhn (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 176 - 189 of 189

Role-Based Access Control for the Web

October 29, 1998
Author(s)
John Barkley, David R. Kuhn, Lynne S. Rosenthal, Mark Skall, Anthony V. Cincotta
Establishing and maintaining a presence on the World Wide Web (Web), once a sideline for U.S. industry, has become a key strategic aspect of marketing and sales. Many companies have demonstrated that a well designed Web site can have a positive effect on

Role Based Access Control on MLS Systems Without Kernel Changes

October 23, 1998
Author(s)
David R. Kuhn
Role based access control (RBAC) is attracting increasing attention as a security mechanism for both commercial and many military systems. This paper shows how RBAC can be implemented using the mechanisms available on traditional multi-level security

Software Standards

October 22, 1998
Author(s)
D. Richard Kuhn, Thomas R. Rhodes, Christopher E. Dabrowski
This article describes software standards and their characteristics. Development considerations for programmers using standards are explained as well.

Fault Classes and Error Detection in Specification Based Testing

February 1, 1998
Author(s)
David R. Kuhn
Specification based testing relies upon methods for generating test cases from predicates in a software specification. These methods derive various test conditions from logic expressions, with the aim of detecting different types of faults. Some authors

Role Based Access Control for the World Wide Web

October 10, 1997
Author(s)
John Barkley, Anthony V. Cincotta, David F. Ferraiolo, Serban I. Gavrila, David R. Kuhn
One of the most challenging problems in managing large networked systems is the complexity of security administration. This is particularly true for organizations that AWeb (WWW) servers. Today, security administration is costly and prone to error because

Role-Based Access Control (RBAC): Features and Motivations

December 15, 1995
Author(s)
David F. Ferraiolo, Janet A. Cugini, David R. Kuhn
The central notion of Role-Based Access Control (RBAC) is that users do not have discretionary access to enterprise objects. Instead, access permissions are administratively associated with roles, and users are administratively made members of appropriate

Security in Open Systems

July 1, 1994
Author(s)
Robert H. Bagwill, John Barkley, Lisa J. Carnahan, Shu-jen H. Chang, David R. Kuhn, Paul Markovitz, Anastase Nakassis, Karen J. Olsen, Michael L. Ransom, John P. Wack
The Public Switched Network (PSN) provides National Security and Emergency Preparedness (NS/EP) telecommunications. Service vendors, equipment manufacturers, and the federal government are concerned that vulnerabilities in the PSN could be exploited and

Role-Based Access Controls

October 13, 1992
Author(s)
David F. Ferraiolo, David R. Kuhn
While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that