Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Vincent C. Hu (Fed)

Displaying 26 - 50 of 76

Attribute Based Access Control

November 30, 2017

Author(s)

Chung Tong Hu, David F. Ferraiolo, Ramaswamy Chandramouli, David R. Kuhn

Until now, ABAC research has been documented in hundreds of research papers, but not consolidated in book form. This book explains ABAC's history and model, related standards, verification and assurance, applications, and deployment challenges; Specialized

Verification and Test Methods for Access Control Policies/Models

June 27, 2017

Author(s)

Chung Tong Hu, David R. Kuhn, Dylan J. Yaga

Access control systems are among the most critical of computer security components. Faulty policies, misconfigurations, or flaws in software implementations can result in serious vulnerabilities. To formally and precisely capture the security properties

Verification of Resilience Policies that Assist Attribute Based Access Control

March 24, 2017

Author(s)

Chung Tong Hu, Antonios Gouglidis, Jeremy Busby, David Hutchison

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined

General Methods for Access Control Policy Verification

December 19, 2016

Author(s)

Chung Tong Hu, David R. Kuhn

A Comparison of Attribute Based Access Control (ABAC) Standards for Data Service Applications

October 3, 2016

Author(s)

David F. Ferraiolo, Ramaswamy Chandramouli, Chung Tong Hu, David R. Kuhn

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control (ABAC) standards with similar goals and objectives. An objective of both is to provide a standardized way for

Pseudo-exhaustive Testing of Attribute Based Access Control Rules

August 4, 2016

Author(s)

David R. Kuhn, Chung Tong Hu, David F. Ferraiolo, Raghu N. Kacker, Yu Lei

Access control typically requires translating policies or rules given in natural language into a form such as a programming language or decision table, which can be processed by an access control system. Once rules have been described in machine

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC)

March 11, 2016

Author(s)

David F. Ferraiolo, Ramaswamy Chandramouli, David R. Kuhn, Chung Tong Hu

Extensible Access Control Markup Language (XACML) and Next Generation Access Control (NGAC) are very different attribute based access control standards with similar goals and objectives. An objective of both is to provide a standardized way for expressing

Implementing and Managing Policy Rules in Attribute Based Access Control

August 13, 2015

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Raghu N. Kacker, Yu Lei

Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today's dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of

An Access Control Scheme for Big Data Processing

November 11, 2014

Author(s)

Chung Tong Hu, Timothy Grance, David F. Ferraiolo, David R. Kuhn

Access Control (AC) systems are among the most critical of network security components. A system's privacy and security controls are more likely to be compromised due to the misconfiguration of access control policies rather than the failure of

Attribute Based Access Control (ABAC) Definition and Considerations

March 7, 2014

Author(s)

Chung Tong Hu

Attribute-Based Access Control (ABAC) is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases

Real-Time Access Control Rule Fault Detection Using a Simulated Logic Circuit

February 3, 2014

Author(s)

Chung Tong Hu, Karen Scarfone

Access control (AC) policies can be implemented based on different AC models, which are fundamentally composed by semantically independent AC rules in expressions of privilege assignments described by attributes of subjects/attributes, actions, objects

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

January 16, 2014

Author(s)

Chung Tong Hu, David F. Ferraiolo, David R. Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone

This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the

Guidelines for Access Control System Evaluation Metrics

September 14, 2012

Author(s)

Chung Tong Hu, Karen Scarfone

The purpose of this document is to provide Federal agencies with background information on access control (AC) properties, and to help access control experts improve their evaluation of the highest security AC systems. This document discusses the