Upcoming Courses

go to course
User-Centred Design - Module 3
72% booked. Starts in 23 days
 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

 
 
The Social Design of Technical Systems: Building technologies for communities. 2nd Edition
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
start reading
 
 
 
 
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
start reading
 
 

David F. Ferraiolo

Add description
Rename / change spelling
Add publication
 

Publications by David F. Ferraiolo (bibliography)

 what's this?
2006
 
Edit | Del

Hu, Vincent C., Kuhn, D. Richard and Ferraiolo, David F. (2006): The Computational Complexity of Enforceability Validation for Generic Access Control Rules. In: SUTC 2006 - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing 5-7 June, 2006, Taichung, Taiwan. pp. 260-267.

2004
 
Edit | Del

Ferraiolo, David F. and Kuhn, D. Richard (2004): Role Based Access Control. In Review Literature And Arts Of The Americas, 14 (5) pp. 554-563.

RBAC (Role-based Access Control) was born with the aim to reduce the high maintenance cost of the classical identity- based access control models. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. In this paper we present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC that fits the requirements of environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and QoS-sub jected operations. FRBAC is a generalization of RBAC based on fuzzy relations. The fuzzy user-role and role-permission relations allows to deal with such imprecise information and propagate it, through the user-permission relation, to the final access decision.

© All rights reserved Ferraiolo and Kuhn and/or National Institute of Standards and Technology

 Cited in the following chapters:

Socio-Technical System Design: [/encyclopedia/socio-technical_system_design.html]

The Evolution of Computing: [/books/the_social_design_of_technical_systems/the_evolution_of_computing.html]


 
1992
 
Edit | Del

Ferraiolo, David F. and Kuhn, D. Richard (1992): Role-Based Access Controls. In: 15th National Computer Security Conference October 13-16, 1992, Baltimore. pp. 554-563.

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organizations. The paper describes a type of non-discretionary access control - role-based access control (RBAC) - that is more central to the secure processing needs of non-military systems than DAC.

© All rights reserved Ferraiolo and Kuhn and/or their publisher

 Cited in the following chapter:

Design Spaces: [/books/the_social_design_of_technical_systems/design_spaces.html]


 
 
Add publication
Show list on your website
 

Join our community and advance:

Your
Skills

Your
Network

Your
Career

 
Join our community!
 
 
 

Changes to this page (author)

17 Feb 2013: Modified
11 May 2012: Modified
09 Jul 2009: Added

Page Information

Page maintainer: The Editorial Team
URL: http://www.interaction-design.org/references/authors/david_f__ferraiolo.html

Upcoming Courses

go to course
User-Centred Design - Module 3
72% booked. Starts in 23 days
 
 

Featured chapter

Marc Hassenzahl explains the fascinating concept of User Experience and Experience Design. Commentaries by Don Norman, Eric Reiss, Mark Blythe, and Whitney Hess

User Experience and Experience Design !

 
 

Our Latest Books

 
 
The Social Design of Technical Systems: Building technologies for communities. 2nd Edition
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
Gamification at Work: Designing Engaging Business Software
by Janaki Mythily Kumar and Mario Herger
start reading
 
 
 
 
The Social Design of Technical Systems: Building technologies for communities
by Brian Whitworth and Adnan Ahmad
start reading
 
 
 
 
The Encyclopedia of Human-Computer Interaction, 2nd Ed.
by Mads Soegaard and Rikke Friis Dam
start reading