{"id":"https://openalex.org/W2068710192","doi":"https://doi.org/10.1145/1035429.1035433","title":"A compositional framework for access control policies enforcement","display_name":"A compositional framework for access control policies enforcement","publication_year":2003,"publication_date":"2003-10-30","ids":{"openalex":"https://openalex.org/W2068710192","doi":"https://doi.org/10.1145/1035429.1035433","mag":"2068710192"},"language":"en","primary_location":{"id":"doi:10.1145/1035429.1035433","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1035429.1035433","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2003 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078121026","display_name":"Fran\u00e7ois Siewe","orcid":"https://orcid.org/0000-0002-3741-3074"},"institutions":[{"id":"https://openalex.org/I66943878","display_name":"De Montfort University","ror":"https://ror.org/0312pnr83","country_code":"GB","type":"education","lineage":["https://openalex.org/I66943878"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Fran\u00e7ois Siewe","raw_affiliation_strings":["De Montfort University, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"De Montfort University, UK","institution_ids":["https://openalex.org/I66943878"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5005843564","display_name":"Antonio Cau","orcid":"https://orcid.org/0000-0002-3046-1217"},"institutions":[{"id":"https://openalex.org/I66943878","display_name":"De Montfort University","ror":"https://ror.org/0312pnr83","country_code":"GB","type":"education","lineage":["https://openalex.org/I66943878"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Antonio Cau","raw_affiliation_strings":["De Montfort University, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"De Montfort University, UK","institution_ids":["https://openalex.org/I66943878"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5111660006","display_name":"Hussein Zedan","orcid":null},"institutions":[{"id":"https://openalex.org/I66943878","display_name":"De Montfort University","ror":"https://ror.org/0312pnr83","country_code":"GB","type":"education","lineage":["https://openalex.org/I66943878"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Hussein Zedan","raw_affiliation_strings":["De Montfort University, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"De Montfort University, UK","institution_ids":["https://openalex.org/I66943878"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":14.985,"has_fulltext":false,"cited_by_count":43,"citation_normalized_percentile":{"value":0.98485471,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"32","last_page":"42"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9846000075340271,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7264364361763},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.6770675182342529},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.6547438502311707},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.626334011554718},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.600520133972168},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.534029483795166},{"id":"https://openalex.org/keywords/formal-specification","display_name":"Formal specification","score":0.47698265314102173},{"id":"https://openalex.org/keywords/formalism","display_name":"Formalism (music)","score":0.46258804202079773},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.43684279918670654},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3917824625968933},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3622801899909973},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.19206595420837402}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7264364361763},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.6770675182342529},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.6547438502311707},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.626334011554718},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.600520133972168},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.534029483795166},{"id":"https://openalex.org/C116253237","wikidata":"https://www.wikidata.org/wiki/Q1437424","display_name":"Formal specification","level":2,"score":0.47698265314102173},{"id":"https://openalex.org/C73301696","wikidata":"https://www.wikidata.org/wiki/Q5469984","display_name":"Formalism (music)","level":3,"score":0.46258804202079773},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.43684279918670654},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3917824625968933},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3622801899909973},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.19206595420837402},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C558565934","wikidata":"https://www.wikidata.org/wiki/Q2743","display_name":"Musical","level":2,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/1035429.1035433","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1035429.1035433","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2003 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.103.7841","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.103.7841","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cse.dmu.ac.uk/~fsiewe/pub/p109-siewe.pdf","raw_type":"text"},{"id":"pmh:oai:dora.dmu.ac.uk:2086/263","is_oa":false,"landing_page_url":"http://hdl.handle.net/2086/263","pdf_url":null,"source":{"id":"https://openalex.org/S4306400394","display_name":"DMU Open Research Archive (De Montfort University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I66943878","host_organization_name":"De Montfort University","host_organization_lineage":["https://openalex.org/I66943878"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Other"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W236281116","https://openalex.org/W1497559908","https://openalex.org/W1575746435","https://openalex.org/W1608889792","https://openalex.org/W1967951878","https://openalex.org/W1987339920","https://openalex.org/W1991895580","https://openalex.org/W2012419258","https://openalex.org/W2036910349","https://openalex.org/W2053741629","https://openalex.org/W2057345152","https://openalex.org/W2063997960","https://openalex.org/W2084621663","https://openalex.org/W2097838240","https://openalex.org/W2114917462","https://openalex.org/W2143509186","https://openalex.org/W2144642244","https://openalex.org/W2162862019","https://openalex.org/W2166602595","https://openalex.org/W2171745828","https://openalex.org/W2276797782","https://openalex.org/W2488650042","https://openalex.org/W2738444131","https://openalex.org/W4285719527","https://openalex.org/W6629640291","https://openalex.org/W6642421307","https://openalex.org/W6829987069"],"related_works":["https://openalex.org/W1815465552","https://openalex.org/W150512884","https://openalex.org/W2104122177","https://openalex.org/W2171674700","https://openalex.org/W1946493810","https://openalex.org/W1544097700","https://openalex.org/W2145025660","https://openalex.org/W1922520186","https://openalex.org/W2151883653","https://openalex.org/W17088386"],"abstract_inverted_index":{"Despite":[0],"considerable":[1],"number":[2],"of":[3,21,55,65,122,129,149],"work":[4],"on":[5],"authorization":[6],"models,":[7],"enforcing":[8],"multiple":[9,66],"policies":[10,67,69,88,150],"is":[11,42,82,103],"still":[12],"a":[13,49,123,155],"challenge":[14],"in":[15,24,153],"order":[16],"to":[17,109],"achieve":[18],"the":[19,53,63,127,144],"level":[20],"security":[22,32,130],"required":[23],"many":[25],"real-world":[26],"systems.":[27],"Moreover":[28],"current":[29],"approaches":[30],"address":[31],"settings":[33],"independently,":[34],"and":[35,87,105,117],"their":[36],"incorporation":[37],"into":[38,132],"systems":[39],"development":[40,145],"lifecycle":[41],"not":[43],"well":[44],"understood.":[45],"This":[46],"paper":[47],"presents":[48],"formal":[50,85],"model":[51],"for":[52,158],"specification":[54,148],"access":[56],"control":[57],"policies.":[58],"The":[59,101,120],"approach":[60,102],"can":[61,75,106,138],"handle":[62],"enforcement":[64],"through":[68],"composition.":[70],"Temporal":[71,79],"dependencies":[72],"among":[73],"authorizations":[74,96],"be":[76,107,139],"formulated.":[77],"Interval":[78],"Logic":[80],"(ITL)":[81],"our":[83],"underlying":[84],"framework":[86],"are":[89,97,151],"modeled":[90],"as":[91,115],"safety":[92],"properties":[93,113],"expressing":[94],"how":[95],"granted":[98],"over":[99],"time.":[100],"compositional,":[104],"used":[108],"specify":[110],"other":[111],"system\u2019s":[112],"such":[114],"functional":[116],"temporal":[118],"requirements.":[119],"use":[121],"common":[124],"formalism":[125],"eases":[126],"integration":[128],"requirements":[131,134],"system":[133],"so":[135],"that":[136],"they":[137],"reasoned":[140],"about":[141],"uniformly":[142],"throughout":[143],"lifecycle.":[146],"Furthermore":[147],"executable":[152],"Tempura,":[154],"simulation":[156],"tool":[157],"ITL.":[159]},"counts_by_year":[{"year":2019,"cited_by_count":1},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":3},{"year":2013,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}