{"id":"https://openalex.org/W2105049532","doi":"https://doi.org/10.1109/tsmcc.2010.2047856","title":"Constructing Authorization Systems Using Assurance Management Framework","display_name":"Constructing Authorization Systems Using Assurance Management Framework","publication_year":2010,"publication_date":"2010-05-21","ids":{"openalex":"https://openalex.org/W2105049532","doi":"https://doi.org/10.1109/tsmcc.2010.2047856","mag":"2105049532"},"language":"en","primary_location":{"id":"doi:10.1109/tsmcc.2010.2047856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsmcc.2010.2047856","pdf_url":null,"source":{"id":"https://openalex.org/S4210227557","display_name":"IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews)","issn_l":"1094-6977","issn":["1094-6977","1558-2442"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056657952","display_name":"Hongxin Hu","orcid":"https://orcid.org/0000-0001-8710-247X"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Hongxin Hu","raw_affiliation_strings":["Future Computing Laboratory, The School of Computing, Informatics, and Decision Systems Engineering, Ira A. Fulton Schools of Engineering, Arizona State University, Tempe, AZ, USA","Security Eng. for Future Comput. Lab., Arizona State Univ., Tempe, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Future Computing Laboratory, The School of Computing, Informatics, and Decision Systems Engineering, Ira A. Fulton Schools of Engineering, Arizona State University, Tempe, AZ, USA","institution_ids":["https://openalex.org/I55732556"]},{"raw_affiliation_string":"Security Eng. for Future Comput. Lab., Arizona State Univ., Tempe, AZ, USA","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025770693","display_name":"Gail\u2010Joon Ahn","orcid":"https://orcid.org/0000-0002-4271-1666"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gail-Joon Ahn","raw_affiliation_strings":["Future Computing Laboratory, The School of Computing, Informatics, and Decision Systems Engineering, Ira A. Fulton Schools of Engineering, Arizona State University, Tempe, AZ, USA","Security Eng. for Future Comput. Lab., Arizona State Univ., Tempe, AZ, USA"],"affiliations":[{"raw_affiliation_string":"Future Computing Laboratory, The School of Computing, Informatics, and Decision Systems Engineering, Ira A. Fulton Schools of Engineering, Arizona State University, Tempe, AZ, USA","institution_ids":["https://openalex.org/I55732556"]},{"raw_affiliation_string":"Security Eng. for Future Comput. Lab., Arizona State Univ., Tempe, AZ, USA","institution_ids":["https://openalex.org/I55732556"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5056657952"],"corresponding_institution_ids":["https://openalex.org/I55732556"],"apc_list":null,"apc_paid":null,"fwci":0.984,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.86444355,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"40","issue":"4","first_page":"396","last_page":"405"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9847999811172485,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/systems-development-life-cycle","display_name":"Systems development life cycle","score":0.8390506505966187},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.679126501083374},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6438875198364258},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5280051231384277},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5267288684844971},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.489450603723526},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4793620705604553},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.479107141494751},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.4641035795211792},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.44498538970947266},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.4148983955383301},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.38976678252220154},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.35811716318130493},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2707582712173462},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.24150705337524414},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1937600076198578},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09048354625701904}],"concepts":[{"id":"https://openalex.org/C120617098","wikidata":"https://www.wikidata.org/wiki/Q559486","display_name":"Systems development life cycle","level":5,"score":0.8390506505966187},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.679126501083374},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6438875198364258},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5280051231384277},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5267288684844971},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.489450603723526},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4793620705604553},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.479107141494751},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.4641035795211792},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.44498538970947266},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.4148983955383301},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.38976678252220154},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.35811716318130493},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2707582712173462},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.24150705337524414},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1937600076198578},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09048354625701904},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tsmcc.2010.2047856","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsmcc.2010.2047856","pdf_url":null,"source":{"id":"https://openalex.org/S4210227557","display_name":"IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews)","issn_l":"1094-6977","issn":["1094-6977","1558-2442"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.682.3860","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.682.3860","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://sefcom.asu.edu/publications/constructing-authorization-systems-tsmc2010.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.700.304","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.700.304","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://people.cs.clemson.edu/%7Ehongxih/papers/TSMCC10.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5400000214576721,"display_name":"Responsible consumption and production","id":"https://metadata.un.org/sdg/12"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W1486178352","https://openalex.org/W1524147119","https://openalex.org/W1602650507","https://openalex.org/W1981973377","https://openalex.org/W1986989788","https://openalex.org/W2000952251","https://openalex.org/W2006841241","https://openalex.org/W2010173096","https://openalex.org/W2015019160","https://openalex.org/W2021079739","https://openalex.org/W2026032080","https://openalex.org/W2037392323","https://openalex.org/W2037416864","https://openalex.org/W2043723411","https://openalex.org/W2044323096","https://openalex.org/W2046398106","https://openalex.org/W2060440626","https://openalex.org/W2096874051","https://openalex.org/W2097723210","https://openalex.org/W2105706607","https://openalex.org/W2108147409","https://openalex.org/W2114555853","https://openalex.org/W2125174515","https://openalex.org/W2138561498","https://openalex.org/W2140890531","https://openalex.org/W2144794336","https://openalex.org/W2146356111","https://openalex.org/W2151430568","https://openalex.org/W2154061425","https://openalex.org/W2154765153","https://openalex.org/W2166602595","https://openalex.org/W2168884369","https://openalex.org/W2307877065","https://openalex.org/W4239799578","https://openalex.org/W4241543066","https://openalex.org/W4247999361","https://openalex.org/W6629172888","https://openalex.org/W6662107468","https://openalex.org/W6674822417"],"related_works":["https://openalex.org/W4294309585","https://openalex.org/W4292756589","https://openalex.org/W3211439315","https://openalex.org/W2641697796","https://openalex.org/W2893925485","https://openalex.org/W4376850252","https://openalex.org/W4388809665","https://openalex.org/W2158222409","https://openalex.org/W1505159507","https://openalex.org/W2143509589"],"abstract_inverted_index":{"Model-driven":[0],"approach":[1,24],"has":[2],"recently":[3],"received":[4],"much":[5],"attention":[6],"in":[7,25,107,116],"developing":[8],"secure":[9],"software":[10,15,30,59],"and":[11,40,50,91,98,112],"systems.":[12,79],"In":[13,52],"addition,":[14],"developers":[16],"have":[17],"attempted":[18],"to":[19,43],"employ":[20],"such":[21],"an":[22,68],"emerging":[23],"the":[26,44,75],"early":[27],"stage":[28],"of":[29,46,77,84,94],"development":[31,60,76],"life":[32,61],"cycle.":[33],"However,":[34],"security":[35,86,88,95],"concerns":[36],"are":[37],"rarely":[38],"considered":[39],"practiced":[41],"due":[42],"lack":[45],"appropriate":[47],"systematic":[48],"mechanisms":[49],"tools.":[51],"this":[53],"paper,":[54],"we":[55],"introduce":[56],"a":[57,118],"multilayered":[58],"cycle":[62],"(SDLC),":[63],"which":[64],"is":[65],"based":[66],"on":[67,74],"assurance":[69],"management":[70],"framework":[71],"(AMF),":[72],"focusing":[73],"authorization":[78,110,120],"AMF":[80],"facilitates":[81],"comprehensive":[82],"realization":[83],"formal":[85],"model,":[87],"policy":[89],"specification":[90],"verification,":[92],"generation":[93],"enforcement":[96],"codes,":[97],"rigorous":[99],"conformance":[100],"testing.":[101],"We":[102],"also":[103],"articulate":[104],"our":[105],"experience":[106],"analyzing":[108],"role-based":[109,119],"requirements":[111,115],"realizing":[113],"those":[114],"constructing":[117],"system.":[121]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}