Jul 24

There is no reason for any individual to have a computer in his home

-- Ken Olson

 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

Kumar and Herger 2013: Gamification at Work: Designing Engaging Business Software...
by Janaki Mythily Kumar and Mario Herger

 
Start reading

Whitworth and Ahmad 2013: The Social Design of Technical Systems: Building technologies for communities...
by Brian Whitworth and Adnan Ahmad

 
Start reading

Soegaard and Dam 2013: The Encyclopedia of Human-Computer Interaction, 2nd Ed....
by Mads Soegaard and Rikke Friis Dam

 
Start reading
 
 

Help us help you!

 
 

David F. Ferraiolo

Add description
Add publication

Publications by David F. Ferraiolo (bibliography)

 what's this?
2006
 
Edit | Del

Hu, Vincent C., Kuhn, D. Richard and Ferraiolo, David F. (2006): The Computational Complexity of Enforceability Validation for Generic Access Control Rules. In: SUTC 2006 - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing 5-7 June, 2006, Taichung, Taiwan. pp. 260-267.

2004
 
Edit | Del

Ferraiolo, David F. and Kuhn, D. Richard (2004): Role Based Access Control. In Review Literature And Arts Of The Americas, 14 (5) pp. 554-563.

RBAC (Role-based Access Control) was born with the aim to reduce the high maintenance cost of the classical identity- based access control models. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. In this paper we present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC that fits the requirements of environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and QoS-sub jected operations. FRBAC is a generalization of RBAC based on fuzzy relations. The fuzzy user-role and role-permission relations allows to deal with such imprecise information and propagate it, through the user-permission relation, to the final access decision.

© All rights reserved Ferraiolo and Kuhn and/or National Institute of Standards and Technology

 Cited in the following chapters:

Socio-Technical System Design: [/encyclopedia/socio-technical_system_design.html]

The Evolution of Computing: [/books/the_social_design_of_technical_systems/the_evolution_of_computing.html]


 
1992
 
Edit | Del

Ferraiolo, David F. and Kuhn, D. Richard (1992): Role-Based Access Controls. In: 15th National Computer Security Conference October 13-16, 1992, Baltimore. pp. 554-563.

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organizations. The paper describes a type of non-discretionary access control - role-based access control (RBAC) - that is more central to the secure processing needs of non-military systems than DAC.

© All rights reserved Ferraiolo and Kuhn and/or their publisher

 Cited in the following chapter:

Design Spaces: [/books/the_social_design_of_technical_systems/design_spaces.html]


 
 
Add publication
Show list on your website
 

Join our community and advance:

Your
Skills

Your
Network

Your
Career

 
 
 
 

Changes to this page (author)

17 Feb 2013: Modified
11 May 2012: Modified
09 Jul 2009: Added

Page Information

Page maintainer: The Editorial Team
URL: http://www.interaction-design.org/references/authors/david_f__ferraiolo.html
Jul 24

There is no reason for any individual to have a computer in his home

-- Ken Olson

 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

Kumar and Herger 2013: Gamification at Work: Designing Engaging Business Software...
by Janaki Mythily Kumar and Mario Herger

 
Start reading

Whitworth and Ahmad 2013: The Social Design of Technical Systems: Building technologies for communities...
by Brian Whitworth and Adnan Ahmad

 
Start reading

Soegaard and Dam 2013: The Encyclopedia of Human-Computer Interaction, 2nd Ed....
by Mads Soegaard and Rikke Friis Dam

 
Start reading
 
 

Help us help you!