{"id":"https://openalex.org/W2168555890","doi":"https://doi.org/10.1109/policy.2002.1011300","title":"The specification and enforcement of advanced security policies","display_name":"The specification and enforcement of advanced security policies","publication_year":2003,"publication_date":"2003-06-25","ids":{"openalex":"https://openalex.org/W2168555890","doi":"https://doi.org/10.1109/policy.2002.1011300","mag":"2168555890"},"language":"en","primary_location":{"id":"doi:10.1109/policy.2002.1011300","is_oa":false,"landing_page_url":"https://doi.org/10.1109/policy.2002.1011300","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings Third International Workshop on Policies for Distributed Systems and Networks","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027861632","display_name":"Tatyana Ryutov","orcid":null},"institutions":[{"id":"https://openalex.org/I1174212","display_name":"University of Southern California","ror":"https://ror.org/03taz7m60","country_code":"US","type":"education","lineage":["https://openalex.org/I1174212"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"T. Ryutov","raw_affiliation_strings":["Information Sciences Institute, University of Southern California, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Information Sciences Institute, University of Southern California, USA","institution_ids":["https://openalex.org/I1174212"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5071252756","display_name":"Clifford Neuman","orcid":"https://orcid.org/0000-0002-4318-0721"},"institutions":[{"id":"https://openalex.org/I1174212","display_name":"University of Southern California","ror":"https://ror.org/03taz7m60","country_code":"US","type":"education","lineage":["https://openalex.org/I1174212"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"C. Neuman","raw_affiliation_strings":["Information Sciences Institute, University of Southern California, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Information Sciences Institute, University of Southern California, USA","institution_ids":["https://openalex.org/I1174212"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":19.5957,"has_fulltext":false,"cited_by_count":39,"citation_normalized_percentile":{"value":0.98985669,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"128","last_page":"138"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":1.0,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":1.0,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10742","display_name":"Peer-to-Peer Network Technologies","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7644845247268677},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6667582988739014},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.6654226779937744},{"id":"https://openalex.org/keywords/receipt","display_name":"Receipt","score":0.6595208048820496},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.627245306968689},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.616921603679657},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.535255491733551},{"id":"https://openalex.org/keywords/audit-trail","display_name":"Audit trail","score":0.4927561581134796},{"id":"https://openalex.org/keywords/law-enforcement","display_name":"Law enforcement","score":0.48023921251296997},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.4658184051513672},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.4617374837398529},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.45495787262916565},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.44748127460479736},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.38498666882514954},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.2766556143760681},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.27595484256744385},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.190280020236969},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.07936608791351318},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.07595402002334595}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7644845247268677},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6667582988739014},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.6654226779937744},{"id":"https://openalex.org/C2778979077","wikidata":"https://www.wikidata.org/wiki/Q330190","display_name":"Receipt","level":2,"score":0.6595208048820496},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.627245306968689},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.616921603679657},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.535255491733551},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.4927561581134796},{"id":"https://openalex.org/C2780262971","wikidata":"https://www.wikidata.org/wiki/Q44554","display_name":"Law enforcement","level":2,"score":0.48023921251296997},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.4658184051513672},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.4617374837398529},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.45495787262916565},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.44748127460479736},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.38498666882514954},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2766556143760681},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.27595484256744385},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.190280020236969},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.07936608791351318},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.07595402002334595},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/policy.2002.1011300","is_oa":false,"landing_page_url":"https://doi.org/10.1109/policy.2002.1011300","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings Third International Workshop on Policies for Distributed Systems and Networks","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.800000011920929,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W99985435","https://openalex.org/W201119258","https://openalex.org/W1624532646","https://openalex.org/W1837588081","https://openalex.org/W1964549039","https://openalex.org/W2033230603","https://openalex.org/W2068310911","https://openalex.org/W2091257550","https://openalex.org/W2098629476","https://openalex.org/W2106539366","https://openalex.org/W2111996486","https://openalex.org/W2125749614","https://openalex.org/W2144794336","https://openalex.org/W2145800714","https://openalex.org/W2168884369","https://openalex.org/W2170496240","https://openalex.org/W2502349549","https://openalex.org/W2958154889","https://openalex.org/W4248223175","https://openalex.org/W6603997897","https://openalex.org/W6608201016","https://openalex.org/W6684804314"],"related_works":["https://openalex.org/W2392646799","https://openalex.org/W2188814192","https://openalex.org/W2087536126","https://openalex.org/W1519114293","https://openalex.org/W2111277540","https://openalex.org/W2151761340","https://openalex.org/W324732778","https://openalex.org/W2379121684","https://openalex.org/W2735448743","https://openalex.org/W1894319312"],"abstract_inverted_index":{"In":[0],"a":[1,43,155],"distributed":[2],"multi-user":[3],"environment,":[4],"the":[5,19,22,25,61,64,76,119,133,138,148],"security":[6,104,125],"policy":[7,39,134],"must":[8],"not":[9],"only":[10],"specify":[11],"legitimate":[12],"user":[13],"privileges":[14,26],"but":[15],"also":[16],"aid":[17],"in":[18,89],"detection":[20],"of":[21,24,52,63,78,103,123],"abuse":[23],"and":[27,91,95,97,110,121,153],"adapt":[28,67],"to":[29,68,93,140],"perceived":[30,69],"system":[31,150],"threat":[32,71,151],"conditions.":[33],"This":[34],"paper":[35],"advocates":[36],"extending":[37],"authorization":[38,115],"evaluation":[40,62,135],"mechanisms":[41],"with":[42,137],"means":[44],"for":[45],"generating":[46],"audit":[47,80],"data":[48,81],"allowing":[49],"immediate":[50],"notification":[51],"suspicious":[53],"application":[54],"level":[55,152],"activity.":[56],"It":[57],"additionally":[58],"suggests":[59],"that":[60],"policies":[65,87],"themselves":[66],"network":[70],"conditions,":[72],"possibly":[73],"affected":[74],"by":[75,82],"receipt":[77],"such":[79,106,145],"other":[83],"processes.":[84],"Such":[85],"advanced":[86,124],"assist":[88],"detecting":[90],"responding":[92],"intrusion":[94],"misuse":[96],"they":[98],"allow":[99],"more":[100],"efficient":[101],"utilization":[102],"services,":[105],"as":[107,146],"authentication,":[108],"audit,":[109],"notification.":[111,156],"We":[112],"present":[113],"an":[114],"framework,":[116],"which":[117],"enables":[118],"representation":[120],"enforcement":[122],"policies.":[126],"Our":[127],"approach":[128],"is":[129],"based":[130],"on":[131],"expanding":[132],"mechanism":[136],"ability":[139],"generate":[141],"real":[142],"time":[143],"actions,":[144],"checking":[147],"current":[149],"sending":[154]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2015,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}