{"id":"https://openalex.org/W2165077754","doi":"https://doi.org/10.1109/icdew.2007.4401062","title":"Multi-session Separation of Duties (MSoD) for RBAC","display_name":"Multi-session Separation of Duties (MSoD) for RBAC","publication_year":2007,"publication_date":"2007-04-01","ids":{"openalex":"https://openalex.org/W2165077754","doi":"https://doi.org/10.1109/icdew.2007.4401062","mag":"2165077754"},"language":"en","primary_location":{"id":"doi:10.1109/icdew.2007.4401062","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icdew.2007.4401062","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2007 IEEE 23rd International Conference on Data Engineering Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048642442","display_name":"David Chadwick","orcid":"https://orcid.org/0000-0003-3145-055X"},"institutions":[{"id":"https://openalex.org/I20581793","display_name":"University of Kent","ror":"https://ror.org/00xkeyj56","country_code":"GB","type":"education","lineage":["https://openalex.org/I20581793"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"David W Chadwick","raw_affiliation_strings":["University of Kent, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Kent, UK","institution_ids":["https://openalex.org/I20581793"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100513346","display_name":"Wensheng Xu","orcid":null},"institutions":[{"id":"https://openalex.org/I21193070","display_name":"Beijing Jiaotong University","ror":"https://ror.org/01yj56c84","country_code":"CN","type":"education","lineage":["https://openalex.org/I21193070"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Wensheng Xu","raw_affiliation_strings":["Beijing Jiaotong University, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Beijing Jiaotong University, China","institution_ids":["https://openalex.org/I21193070"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004247475","display_name":"Sassa Otenko","orcid":null},"institutions":[{"id":"https://openalex.org/I20581793","display_name":"University of Kent","ror":"https://ror.org/00xkeyj56","country_code":"GB","type":"education","lineage":["https://openalex.org/I20581793"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Sassa Otenko","raw_affiliation_strings":["University of Kent, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Kent, UK","institution_ids":["https://openalex.org/I20581793"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001626345","display_name":"Romain Laborde","orcid":"https://orcid.org/0000-0002-0943-6180"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Romain Laborde","raw_affiliation_strings":["I. R. I. T., France"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"I. R. I. T., France","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111389626","display_name":"Bassem Nasser","orcid":null},"institutions":[{"id":"https://openalex.org/I20581793","display_name":"University of Kent","ror":"https://ror.org/00xkeyj56","country_code":"GB","type":"education","lineage":["https://openalex.org/I20581793"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Bassem Nasser","raw_affiliation_strings":["University of Kent, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Kent, UK","institution_ids":["https://openalex.org/I20581793"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":7.2017,"has_fulltext":true,"cited_by_count":19,"citation_normalized_percentile":{"value":0.96748793,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"744","last_page":"753"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9865000247955322,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.9757000207901001,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.9274812936782837},{"id":"https://openalex.org/keywords/session","display_name":"Session (web analytics)","score":0.8278182148933411},{"id":"https://openalex.org/keywords/separation-of-duties","display_name":"Separation of duties","score":0.8068175315856934},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7873556613922119},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7093859314918518},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6389331817626953},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5322368741035461},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.527991771697998},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.5015997886657715},{"id":"https://openalex.org/keywords/session-key","display_name":"Session key","score":0.4433954060077667},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4270249605178833},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.20598992705345154},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.09194600582122803}],"concepts":[{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.9274812936782837},{"id":"https://openalex.org/C2779182362","wikidata":"https://www.wikidata.org/wiki/Q17126187","display_name":"Session (web analytics)","level":2,"score":0.8278182148933411},{"id":"https://openalex.org/C100587491","wikidata":"https://www.wikidata.org/wiki/Q1474665","display_name":"Separation of duties","level":4,"score":0.8068175315856934},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7873556613922119},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7093859314918518},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6389331817626953},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5322368741035461},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.527991771697998},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.5015997886657715},{"id":"https://openalex.org/C191197275","wikidata":"https://www.wikidata.org/wiki/Q1755775","display_name":"Session key","level":3,"score":0.4433954060077667},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4270249605178833},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.20598992705345154},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.09194600582122803}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/icdew.2007.4401062","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icdew.2007.4401062","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2007 IEEE 23rd International Conference on Data Engineering Workshop","raw_type":"proceedings-article"},{"id":"pmh:oai:kar.kent.ac.uk:14595","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ICDEW.2007.4401062>)","pdf_url":null,"source":{"id":"https://openalex.org/S4377196264","display_name":"Kent Academic Repository (University of Kent)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I20581793","host_organization_name":"University of Kent","host_organization_lineage":["https://openalex.org/I20581793"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"NonPeerReviewed"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.394.5699","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.394.5699","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.kent.ac.uk/pubs/2007/2529/content.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.418.9080","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.418.9080","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://ccs.njit.edu/inst/source/09STBA07.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5899999737739563,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320309","display_name":"Joint Information Systems Committee","ror":"https://ror.org/01rv9gx86"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W1544658515","https://openalex.org/W1992016522","https://openalex.org/W2000266971","https://openalex.org/W2021079739","https://openalex.org/W2038953226","https://openalex.org/W2100245805","https://openalex.org/W2103674110","https://openalex.org/W2127247263","https://openalex.org/W2134167896","https://openalex.org/W2143509186","https://openalex.org/W2163283609","https://openalex.org/W2170557676","https://openalex.org/W2755893816","https://openalex.org/W2892383113","https://openalex.org/W4285719527","https://openalex.org/W6754960229"],"related_works":["https://openalex.org/W2361825345","https://openalex.org/W2945232779","https://openalex.org/W2056139315","https://openalex.org/W2354790132","https://openalex.org/W2393886221","https://openalex.org/W2378809132","https://openalex.org/W2751035473","https://openalex.org/W2105261429","https://openalex.org/W1606180331","https://openalex.org/W318167434"],"abstract_inverted_index":{"Separation":[0],"of":[1,56,68,77,83],"duties":[2],"(SoD)":[3],"is":[4,20],"a":[5,21,78,176],"key":[6],"security":[7],"requirement":[8],"for":[9,25,122],"many":[10,134],"business":[11,95,123],"and":[12,37,155,171],"information":[13,27],"systems.":[14,28],"Role":[15],"based":[16],"access":[17,136],"controls":[18],"(RBAC)":[19],"relatively":[22],"new":[23],"paradigm":[24],"protecting":[26],"In":[29,113],"the":[30,48,54,74,141,191],"ANSI":[31],"standard":[32],"RBAC":[33,148,179],"model":[34],"both":[35],"static":[36,43],"dynamic":[38,62,89],"SoD":[39,44,63,119],"are":[40],"defined.":[41],"However,":[42],"policies":[45,64,121,146,168,174,189],"assume":[46,65],"that":[47,66,97],"system":[49],"has":[50],"full":[51],"control":[52,137],"over":[53,133],"assignment":[55],"all":[57],"roles":[58,109,153],"to":[59,143,165],"users,":[60],"whilst":[61],"conflicts":[67],"interest":[69],"can":[70],"only":[71,105],"arise":[72],"during":[73],"simultaneous":[75],"activation":[76],"user's":[79],"roles.":[80],"Unfortunately":[81],"neither":[82],"these":[84],"assumptions":[85],"hold":[86],"true":[87],"in":[88,94,147,169,175,190],"virtual":[90],"organisations":[91],"(VOs),":[92],"or":[93,102],"processes":[96,124],"span":[98],"multiple":[99,127,131],"user":[100,135],"sessions,":[101],"where":[103],"users":[104,132],"partially":[106],"disclose":[107],"their":[108],"at":[110],"each":[111],"session.":[112],"this":[114],"paper":[115],"we":[116,182,185],"propose":[117,162],"multi-session":[118,150,156],"(MSoD)":[120],"which":[125],"include":[126],"tasks":[128],"enacted":[129],"by":[130],"sessions.":[138],"We":[139,161],"explore":[140],"means":[142],"define":[144],"MSoD":[145,167,173,188],"via":[149],"mutually":[151,157],"exclusive":[152,158],"(MMER)":[154],"privileges":[159],"(MMEP).":[160],"an":[163],"approach":[164],"expressing":[166],"XML":[170],"enforcing":[172],"policy":[177],"controlled":[178],"infrastructure.":[180,195],"Finally,":[181],"describe":[183],"how":[184],"have":[186],"implemented":[187],"PERMIS":[192],"privilege":[193],"management":[194]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}