{"id":"https://openalex.org/W2126511477","doi":"https://doi.org/10.1109/perser.2007.4283900","title":"Mitigating Security Risks in Systems that Support Pervasive Services and Computing: Access-Driven Verification, Validation and Testing","display_name":"Mitigating Security Risks in Systems that Support Pervasive Services and Computing: Access-Driven Verification, Validation and Testing","publication_year":2007,"publication_date":"2007-07-01","ids":{"openalex":"https://openalex.org/W2126511477","doi":"https://doi.org/10.1109/perser.2007.4283900","mag":"2126511477"},"language":"en","primary_location":{"id":"doi:10.1109/perser.2007.4283900","is_oa":false,"landing_page_url":"https://doi.org/10.1109/perser.2007.4283900","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE International Conference on Pervasive Services","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103746845","display_name":"James D. Arthur","orcid":null},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"James D. Arthur","raw_affiliation_strings":["Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), USA","Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), arthur@vt.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), USA","institution_ids":["https://openalex.org/I859038795"]},{"raw_affiliation_string":"Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), arthur@vt.edu","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047799593","display_name":"Anil Bazaz","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]},{"id":"https://openalex.org/I4210123534","display_name":"OR Concepts Applied (United States)","ror":"https://ror.org/0297rgf95","country_code":"US","type":"company","lineage":["https://openalex.org/I4210123534"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anil Bazaz","raw_affiliation_strings":["Orca Computer, Inc","Software Protection Platform Team, Microsoft Corporation, abazaz@microsoft.com"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Orca Computer, Inc","institution_ids":["https://openalex.org/I4210123534"]},{"raw_affiliation_string":"Software Protection Platform Team, Microsoft Corporation, abazaz@microsoft.com","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018624571","display_name":"Richard E. Nance","orcid":null},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Richard E. Nance","raw_affiliation_strings":["Software Protection Platform Team, Microsoft Corporation, USA","Orca Computer, Inc., nance@vt.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Software Protection Platform Team, Microsoft Corporation, USA","institution_ids":["https://openalex.org/I1290206253"]},{"raw_affiliation_string":"Orca Computer, Inc., nance@vt.edu","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044434662","display_name":"Osman Balc\u0131","orcid":"https://orcid.org/0000-0002-2965-3035"},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Osman Balci","raw_affiliation_strings":["Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), USA","Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), balci@vt.edu"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), USA","institution_ids":["https://openalex.org/I859038795"]},{"raw_affiliation_string":"Department of Computer Science, Virginia Polytechnic Institute and State University (Virginia Tech), balci@vt.edu","institution_ids":["https://openalex.org/I859038795"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.9688,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.82904006,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"109","last_page":"117"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8254091739654541},{"id":"https://openalex.org/keywords/ubiquitous-computing","display_name":"Ubiquitous computing","score":0.8008499145507812},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6702422499656677},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6396188735961914},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.532723069190979},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.44785362482070923},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.2602366805076599},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.12844446301460266}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8254091739654541},{"id":"https://openalex.org/C172195944","wikidata":"https://www.wikidata.org/wiki/Q541265","display_name":"Ubiquitous computing","level":2,"score":0.8008499145507812},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6702422499656677},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6396188735961914},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.532723069190979},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.44785362482070923},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.2602366805076599},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.12844446301460266},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/perser.2007.4283900","is_oa":false,"landing_page_url":"https://doi.org/10.1109/perser.2007.4283900","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE International Conference on Pervasive Services","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.5400000214576721}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W74275331","https://openalex.org/W116833590","https://openalex.org/W591304058","https://openalex.org/W1531064568","https://openalex.org/W1559645909","https://openalex.org/W1689932539","https://openalex.org/W1806900782","https://openalex.org/W1964992116","https://openalex.org/W2102558121","https://openalex.org/W2137952932","https://openalex.org/W2171075471","https://openalex.org/W6617643805","https://openalex.org/W6631877940","https://openalex.org/W6633565727"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W1590307681","https://openalex.org/W3048799479","https://openalex.org/W3006507989","https://openalex.org/W2779961139","https://openalex.org/W2763500028","https://openalex.org/W4240288358","https://openalex.org/W4240241597"],"abstract_inverted_index":{"Unique":[0],"operational":[1],"and":[2,8,26,32,37,48,66,81,92,97,106,108,113,142],"environmental":[3],"characteristics":[4],"define":[5,12],"pervasive":[6,42,119],"services":[7,43],"computing;":[9],"they,":[10],"too,":[11],"an":[13,61],"ideal":[14],"atmosphere":[15],"in":[16],"which":[17],"security":[18,124],"risks":[19],"flourish.":[20],"Ever-present":[21],"accessibility":[22],"through":[23,71],"the":[24,38,138],"networked":[25],"wireless":[27],"infrastructures,":[28],"dependency":[29],"on":[30],"autonomous":[31],"often":[33],"anonymous":[34],"computing":[35,120],"agents,":[36],"ubiquitous":[39],"nature":[40],"of":[41,75,135],"make":[44],"them":[45],"both":[46],"enticing":[47],"easy":[49],"targets":[50],"for":[51],"ill-intentioned":[52],"activities.":[53],"To":[54],"help":[55],"mitigate":[56],"that":[57],"risk,":[58],"we":[59],"propose":[60],"adaptive,":[62],"access-driven":[63],"verification,":[64],"validation":[65],"testing":[67],"(VV&T)":[68],"strategy":[69],"that,":[70],"a":[72],"Process/Object":[73],"Model":[74],"Computation,":[76],"(a)":[77],"identifies":[78],"those":[79,95],"resources":[80],"software":[82,104,139],"objects":[83],"most":[84],"susceptible":[85],"to":[86,110,114,123,131,137],"attack,":[87],"(b)":[88],"enumerates":[89],"violable":[90],"constraints":[91,107],"assumptions":[93,109],"underlying":[94],"attacks,":[96],"(c)":[98],"provides":[99],"multi-level":[100],"strategies":[101,128],"incorporating":[102],"resources,":[103],"objects,":[105],"determine":[111],"if,":[112],"what":[115],"extent,":[116],"systems":[117],"supporting":[118],"are":[121,129],"vulnerable":[122],"exploits.":[125],"The":[126],"VV&T":[127],"defined":[130],"accommodate":[132],"various":[133],"levels":[134],"access":[136],"development":[140],"process":[141],"its":[143],"artifacts.":[144]},"counts_by_year":[{"year":2018,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}