{"id":"https://openalex.org/W2058552729","doi":"https://doi.org/10.1109/cnsm.2013.6727843","title":"Refactoring multi-layered access control policies through (De)composition","display_name":"Refactoring multi-layered access control policies through (De)composition","publication_year":2013,"publication_date":"2013-10-01","ids":{"openalex":"https://openalex.org/W2058552729","doi":"https://doi.org/10.1109/cnsm.2013.6727843","mag":"2058552729"},"language":"en","primary_location":{"id":"doi:10.1109/cnsm.2013.6727843","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cnsm.2013.6727843","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027345616","display_name":"Matteo Maria Casalino","orcid":null},"institutions":[{"id":"https://openalex.org/I100532134","display_name":"Universit\u00e9 Claude Bernard Lyon 1","ror":"https://ror.org/029brtt94","country_code":"FR","type":"education","lineage":["https://openalex.org/I100532134","https://openalex.org/I203339264"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Matteo Maria Casalino","raw_affiliation_strings":["Universit\u00e9 Claude Bernard Lyon 1, France","SAP Labs. France, Sophia-Antipolis, France"],"affiliations":[{"raw_affiliation_string":"Universit\u00e9 Claude Bernard Lyon 1, France","institution_ids":["https://openalex.org/I100532134"]},{"raw_affiliation_string":"SAP Labs. France, Sophia-Antipolis, France","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013390860","display_name":"Romuald Thion","orcid":null},"institutions":[{"id":"https://openalex.org/I100532134","display_name":"Universit\u00e9 Claude Bernard Lyon 1","ror":"https://ror.org/029brtt94","country_code":"FR","type":"education","lineage":["https://openalex.org/I100532134","https://openalex.org/I203339264"]},{"id":"https://openalex.org/I4210155607","display_name":"Laboratoire d'Informatique en Images et Syst\u00e8mes d'Information","ror":"https://ror.org/04dv4he91","country_code":"FR","type":"facility","lineage":["https://openalex.org/I100532134","https://openalex.org/I112936343","https://openalex.org/I1294671590","https://openalex.org/I188626449","https://openalex.org/I203339264","https://openalex.org/I203339264","https://openalex.org/I203339264","https://openalex.org/I203339264","https://openalex.org/I4210155607","https://openalex.org/I48430043"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Romuald Thion","raw_affiliation_strings":["Universit\u00e9 Claude Bernard Lyon 1, France","LIRIS, Univ. Claude Bernard Lyon 1, Lyon, France"],"affiliations":[{"raw_affiliation_string":"Universit\u00e9 Claude Bernard Lyon 1, France","institution_ids":["https://openalex.org/I100532134"]},{"raw_affiliation_string":"LIRIS, Univ. Claude Bernard Lyon 1, Lyon, France","institution_ids":["https://openalex.org/I4210155607","https://openalex.org/I100532134"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5027345616"],"corresponding_institution_ids":["https://openalex.org/I100532134"],"apc_list":null,"apc_paid":null,"fwci":2.0294,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.90550709,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"243","last_page":"250"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8057788014411926},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7567123770713806},{"id":"https://openalex.org/keywords/code-refactoring","display_name":"Code refactoring","score":0.708952009677887},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.545593798160553},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.5061890482902527},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.47891294956207275},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.46673640608787537},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.4618607461452484},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.44559621810913086},{"id":"https://openalex.org/keywords/xacml","display_name":"XACML","score":0.4385947585105896},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.4319098889827728},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.40326985716819763},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3629162907600403},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.2974661588668823},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.2402321696281433},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1625249683856964},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.11096268892288208}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8057788014411926},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7567123770713806},{"id":"https://openalex.org/C152752567","wikidata":"https://www.wikidata.org/wiki/Q116877","display_name":"Code refactoring","level":3,"score":0.708952009677887},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.545593798160553},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.5061890482902527},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.47891294956207275},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.46673640608787537},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.4618607461452484},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.44559621810913086},{"id":"https://openalex.org/C2779886121","wikidata":"https://www.wikidata.org/wiki/Q288682","display_name":"XACML","level":3,"score":0.4385947585105896},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.4319098889827728},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.40326985716819763},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3629162907600403},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.2974661588668823},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.2402321696281433},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1625249683856964},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.11096268892288208},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/cnsm.2013.6727843","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cnsm.2013.6727843","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013)","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-01339261v1","is_oa":false,"landing_page_url":"https://hal.science/hal-01339261","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"International Conference on Network and Service Management (CNSM), Oct 2013, Z\u00fcrich, Switzerland. pp.243-250, &#x27E8;10.1109/CNSM.2013.6727843&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.47999998927116394,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320338370","display_name":"FP7 Information and Communication Technologies","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W95642453","https://openalex.org/W1480612188","https://openalex.org/W1520745363","https://openalex.org/W1918349060","https://openalex.org/W1976797825","https://openalex.org/W1981023347","https://openalex.org/W1985239372","https://openalex.org/W1996778950","https://openalex.org/W2045054164","https://openalex.org/W2096679329","https://openalex.org/W2110810394","https://openalex.org/W2135665381","https://openalex.org/W2137463924","https://openalex.org/W2140730933","https://openalex.org/W2148656332","https://openalex.org/W2156256339","https://openalex.org/W2173869701","https://openalex.org/W2598035280","https://openalex.org/W6628540260","https://openalex.org/W6631222273","https://openalex.org/W6665803576","https://openalex.org/W6735382231"],"related_works":["https://openalex.org/W2351416088","https://openalex.org/W2791565031","https://openalex.org/W1993102289","https://openalex.org/W130718849","https://openalex.org/W2896439152","https://openalex.org/W2981186629","https://openalex.org/W2393973626","https://openalex.org/W2012419258","https://openalex.org/W318167434","https://openalex.org/W2121163399"],"abstract_inverted_index":{"Policy-based":[0],"access":[1,73,85],"control":[2,13,74,86],"is":[3,98],"a":[4,71,79,90,132,148],"well-established":[5],"paradigm":[6],"for":[7,34],"securing":[8],"layered":[9],"IT":[10],"systems.":[11],"Access":[12],"policies,":[14],"however,":[15],"often":[16],"do":[17],"not":[18],"focus":[19,94],"on":[20,40],"dedicated":[21],"architecture":[22,117],"layers,":[23,118],"but":[24],"increasingly":[25],"employ":[26],"concepts":[27],"of":[28,43,57,82,95,105,124,135,150,155],"multiple":[29],"layers.":[30],"Web":[31],"application":[32],"servers,":[33],"instance,":[35],"typically":[36],"support":[37],"request":[38],"filtering":[39],"the":[41,55,63,83,102,122,136,143],"basis":[42],"network":[44],"addresses.":[45],"The":[46,93],"resulting":[47],"flexibility":[48],"comes":[49],"with":[50],"increased":[51],"management":[52],"complexity":[53],"and":[54,139],"risk":[56],"security-relevant":[58],"misconfiguration":[59],"when":[60],"looking":[61],"at":[62],"various":[64],"policies":[65,114],"in":[66,89,128],"isolation.":[67],"We":[68],"therefore":[69],"propose":[70],"flexible":[72],"framework":[75,107],"able":[76],"to":[77,99,111,120,130,141],"provide":[78],"comprehensive":[80],"view":[81,134],"global":[84,137,144],"policy":[87,145],"implemented":[88],"given":[91],"system.":[92],"this":[96,106],"paper":[97],"lay":[100],"down":[101],"theoretical":[103],"foundations":[104],"that":[108],"allows":[109],"(i)":[110],"describe":[112],"authorization":[113],"from":[115,159],"different":[116],"(ii)":[119],"capture":[121],"semantics":[123],"dependencies":[125],"between":[126],"layers":[127],"order":[129],"create":[131],"composed":[133],"policy,":[138],"(iii)":[140],"decompose":[142],"again":[146],"into":[147],"collection":[149],"simpler":[151],"ones":[152],"by":[153],"means":[154],"algebraic":[156],"techniques":[157],"inspired":[158],"database":[160],"normalization":[161],"theory.":[162]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2026-03-25T13:04:00.132906","created_date":"2025-10-10T00:00:00"}