{"id":"https://openalex.org/W7154449669","doi":"https://doi.org/10.1007/978-3-032-22752-2_6","title":"Automatically Tightening Access Control Policies with Restricter","display_name":"Automatically Tightening Access Control Policies with Restricter","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7154449669","doi":"https://doi.org/10.1007/978-3-032-22752-2_6"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-032-22752-2_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-032-22752-2_6","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-032-22752-2_6.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/978-3-032-22752-2_6.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5057397228","display_name":"Ka Lok Wu","orcid":"https://orcid.org/0000-0001-6315-9068"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ka Lok Wu","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, 11794, USA"],"raw_orcid":"https://orcid.org/0000-0001-6315-9068","affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, 11794, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5123617557","display_name":"Christa Jenkins","orcid":null},"institutions":[{"id":"https://openalex.org/I4210140281","display_name":"Galois (United States)","ror":"https://ror.org/03g8y8161","country_code":"US","type":"company","lineage":["https://openalex.org/I4210140281"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christa Jenkins","raw_affiliation_strings":["Galois, Inc. Portland, OR, 97204, USA"],"raw_orcid":"https://orcid.org/0000-0002-5434-5018","affiliations":[{"raw_affiliation_string":"Galois, Inc. Portland, OR, 97204, USA","institution_ids":["https://openalex.org/I4210140281"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021474885","display_name":"Scott D. Stoller","orcid":"https://orcid.org/0000-0002-8824-6835"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Scott D. Stoller","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, 11794, USA"],"raw_orcid":"https://orcid.org/0000-0002-8824-6835","affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, 11794, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070136662","display_name":"Omar Chowdhury","orcid":"https://orcid.org/0000-0002-1356-6279"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Omar Chowdhury","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, 11794, USA"],"raw_orcid":"https://orcid.org/0000-0002-1356-6279","affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, 11794, USA","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5070136662"],"corresponding_institution_ids":["https://openalex.org/I59553526"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":{"value":5000,"currency":"EUR","value_usd":5392},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.84657277,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"110","last_page":"129"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.7958999872207642,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.7958999872207642,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.05649999901652336,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.008799999952316284,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.607200026512146},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4472000002861023},{"id":"https://openalex.org/keywords/control-system","display_name":"Control system","score":0.3296000063419342},{"id":"https://openalex.org/keywords/physical-access","display_name":"Physical access","score":0.29750001430511475},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.27129998803138733}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8432000279426575},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.607200026512146},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4472000002861023},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.337799996137619},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.33649998903274536},{"id":"https://openalex.org/C17500928","wikidata":"https://www.wikidata.org/wiki/Q959968","display_name":"Control system","level":2,"score":0.3296000063419342},{"id":"https://openalex.org/C1304207","wikidata":"https://www.wikidata.org/wiki/Q7189582","display_name":"Physical access","level":3,"score":0.29750001430511475},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.28360000252723694},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.27129998803138733},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.2563000023365021},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.25270000100135803}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-032-22752-2_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-032-22752-2_6","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-032-22752-2_6.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"}],"best_oa_location":{"id":"doi:10.1007/978-3-032-22752-2_6","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-032-22752-2_6","pdf_url":"https://link.springer.com/content/pdf/10.1007/978-3-032-22752-2_6.pdf","source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"sustainable_development_goals":[{"display_name":"Reduced inequalities","score":0.4264465570449829,"id":"https://metadata.un.org/sdg/10"}],"awards":[{"id":"https://openalex.org/G4883049742","display_name":"SHF: Medium: Configuration for Assurance: Safe, Live, and Secure Distributed Systems","funder_award_id":"1954837","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7467562504","display_name":null,"funder_award_id":"CCF-1954837","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320331904","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7154449669.pdf","grobid_xml":"https://content.openalex.org/works/W7154449669.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W1613706077","https://openalex.org/W2094878426","https://openalex.org/W2111111494","https://openalex.org/W2134734244","https://openalex.org/W2618541213","https://openalex.org/W2619305693","https://openalex.org/W2749040653","https://openalex.org/W2771587641","https://openalex.org/W2774959022","https://openalex.org/W2817857516","https://openalex.org/W2884958048","https://openalex.org/W2888685578","https://openalex.org/W2901330051","https://openalex.org/W2956992268","https://openalex.org/W2962744771","https://openalex.org/W2988851004","https://openalex.org/W3127358641","https://openalex.org/W4225922019","https://openalex.org/W4376612696","https://openalex.org/W4377966266","https://openalex.org/W4384154579","https://openalex.org/W4396242236","https://openalex.org/W4403223445"],"related_works":[],"abstract_inverted_index":{"Robust":[0],"access":[1,13,75,82,87,102],"control":[2,14],"is":[3,16,39,118],"a":[4,40,69,106],"cornerstone":[5],"of":[6,36,68,101,113],"secure":[7],"software,":[8],"systems,":[9],"and":[10,84,128],"networks.":[11],"An":[12],"mechanism":[15],"as":[17,19,33],"effective":[18,26],"the":[20,34,99,111,114],"policy":[21,66,70,95,107,126],"it":[22,117],"enforces.":[23],"However,":[24],"authoring":[25],"policies":[27],"that":[28],"satisfy":[29],"desired":[30],"properties":[31],"such":[32],"principle":[35],"least":[37],"privilege":[38],"challenging":[41],"task":[42],"even":[43],"for":[44,123],"experienced":[45],"administrators.":[46],"In":[47],"this":[48,55],"paper,":[49],"we":[50],"set":[51],"out":[52],"to":[53,73],"address":[54],"pain":[56],"point":[57],"by":[58,97,105],"proposing":[59],"Restricter,":[60],"which":[61,77],"automatically":[62],"tightens":[63],"each":[64],"(permit)":[65],"rule":[67,108],"with":[71],"respect":[72],"an":[74],"log,":[76],"captures":[78],"some":[79],"already":[80],"exercised":[81],"requests":[83,103],"their":[85],"corresponding":[86],"decisions":[88],"(i.e.,":[89],"allow":[90],"or":[91],"deny).":[92],"Restricter":[93,122],"achieves":[94],"tightening":[96],"reducing":[98],"number":[100],"permitted":[104],"without":[109],"sacrificing":[110],"functionality":[112],"underlying":[115],"system":[116],"regulating.":[119],"We":[120],"implement":[121],"Amazon\u2019s":[124],"Cedar":[125],"language":[127],"demonstrate":[129],"its":[130],"effectiveness":[131],"through":[132],"two":[133],"realistic":[134],"case":[135],"studies.":[136]},"counts_by_year":[],"updated_date":"2026-04-29T09:16:38.111599","created_date":"2026-04-16T00:00:00"}