{"id":"https://openalex.org/W2146356111","doi":"https://doi.org/10.1145/1062455.1062502","title":"Verification and change-impact analysis of access-control policies","display_name":"Verification and change-impact analysis of access-control policies","publication_year":2005,"publication_date":"2005-01-01","ids":{"openalex":"https://openalex.org/W2146356111","doi":"https://doi.org/10.1145/1062455.1062502","mag":"2146356111"},"language":"en","primary_location":{"id":"doi:10.1145/1062455.1062502","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1062455.1062502","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th international conference on Software engineering  - ICSE '05","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047286412","display_name":"Kathi Fisler","orcid":"https://orcid.org/0000-0002-7895-8206"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kathi Fisler","raw_affiliation_strings":["WPI"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"WPI","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024394821","display_name":"Shriram Krishnamurthi","orcid":"https://orcid.org/0000-0001-5184-1975"},"institutions":[{"id":"https://openalex.org/I175594653","display_name":"John Brown University","ror":"https://ror.org/02ct41q97","country_code":"US","type":"education","lineage":["https://openalex.org/I175594653"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shriram Krishnamurthi","raw_affiliation_strings":["Brown University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brown University","institution_ids":["https://openalex.org/I175594653"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5057120060","display_name":"Leo A. Meyerovich","orcid":null},"institutions":[{"id":"https://openalex.org/I175594653","display_name":"John Brown University","ror":"https://ror.org/02ct41q97","country_code":"US","type":"education","lineage":["https://openalex.org/I175594653"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Leo A. Meyerovich","raw_affiliation_strings":["Brown University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brown University","institution_ids":["https://openalex.org/I175594653"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088732631","display_name":"Michael Carl Tschantz","orcid":"https://orcid.org/0000-0003-1367-3784"},"institutions":[{"id":"https://openalex.org/I175594653","display_name":"John Brown University","ror":"https://ror.org/02ct41q97","country_code":"US","type":"education","lineage":["https://openalex.org/I175594653"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael Carl Tschantz","raw_affiliation_strings":["Brown University"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Brown University","institution_ids":["https://openalex.org/I175594653"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":80.1812,"has_fulltext":false,"cited_by_count":396,"citation_normalized_percentile":{"value":0.99938982,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"196","last_page":"196"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/xacml","display_name":"XACML","score":0.9264434576034546},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8343032598495483},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7233798503875732},{"id":"https://openalex.org/keywords/suite","display_name":"Suite","score":0.5936527252197266},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4912034869194031},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.44718703627586365},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4440378248691559},{"id":"https://openalex.org/keywords/data-access","display_name":"Data access","score":0.43301305174827576},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.42055684328079224},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.35826975107192993},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3481121361255646},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.21853891015052795}],"concepts":[{"id":"https://openalex.org/C2779886121","wikidata":"https://www.wikidata.org/wiki/Q288682","display_name":"XACML","level":3,"score":0.9264434576034546},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8343032598495483},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7233798503875732},{"id":"https://openalex.org/C79581498","wikidata":"https://www.wikidata.org/wiki/Q1367530","display_name":"Suite","level":2,"score":0.5936527252197266},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4912034869194031},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.44718703627586365},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4440378248691559},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.43301305174827576},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.42055684328079224},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.35826975107192993},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3481121361255646},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.21853891015052795},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1062455.1062502","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1062455.1062502","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 27th international conference on Software engineering  - ICSE '05","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7599999904632568,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W147254891","https://openalex.org/W1490597684","https://openalex.org/W1493895802","https://openalex.org/W1593409397","https://openalex.org/W1596186423","https://openalex.org/W1783388813","https://openalex.org/W1973828066","https://openalex.org/W2002301065","https://openalex.org/W2012656123","https://openalex.org/W2015077407","https://openalex.org/W2032131630","https://openalex.org/W2074845051","https://openalex.org/W2080267935","https://openalex.org/W2083255124","https://openalex.org/W2103317919","https://openalex.org/W2116860113","https://openalex.org/W2122049982","https://openalex.org/W2122140024","https://openalex.org/W2135870733","https://openalex.org/W2145793726","https://openalex.org/W2152505375","https://openalex.org/W2154061425","https://openalex.org/W2164033917","https://openalex.org/W2167030131","https://openalex.org/W2167435507","https://openalex.org/W3145454088","https://openalex.org/W3151756653"],"related_works":["https://openalex.org/W2351416088","https://openalex.org/W2349247816","https://openalex.org/W2198182223","https://openalex.org/W1552878720","https://openalex.org/W2114574764","https://openalex.org/W130718849","https://openalex.org/W2348423860","https://openalex.org/W2544881096","https://openalex.org/W2400010433","https://openalex.org/W2005937085"],"abstract_inverted_index":{"Sensitive":[0],"data":[1,31],"are":[2],"increasingly":[3,69],"available":[4],"on-line":[5],"through":[6],"the":[7,15,28,40,57,91,98,122],"Web":[8],"and":[9,65,88,150],"other":[10],"distributed":[11],"protocols.":[12],"This":[13],"heightens":[14],"need":[16,81],"to":[17,21,36,53,59,74,82,86,89,132,153],"carefully":[18],"control":[19],"access":[20,35,58],"data.":[22,60],"Control":[23],"means":[24],"not":[25],"only":[26],"preventing":[27],"leakage":[29],"of":[30,93,100,130,143],"but":[32],"also":[33,136],"permitting":[34],"necessary":[37],"information.":[38],"Indeed,":[39],"same":[41],"datum":[42],"is":[43],"often":[44],"treated":[45],"differently":[46],"depending":[47],"on":[48,56],"context.System":[49],"designers":[50],"create":[51],"policies":[52,84,119,154],"express":[54,75],"conditions":[55],"To":[61],"reduce":[62],"source":[63],"clutter":[64],"improve":[66],"maintenance,":[67],"developers":[68],"use":[70],"domain-specific,":[71],"declarative":[72],"languages":[73],"these":[76,148],"policies.":[77,112,144],"In":[78],"turn,":[79],"administrators":[80],"analyze":[83],"relative":[85],"properties,":[87],"understand":[90],"effect":[92],"policy":[94],"changes":[95],"even":[96],"in":[97,121],"absence":[99],"properties.This":[101],"paper":[102],"presents":[103],"Margrave,":[104],"a":[105,115,128,156],"software":[106,158],"suite":[107],"for":[108],"analyzing":[109],"role-based":[110],"access-control":[111],"Margrave":[113],"includes":[114],"verifier":[116],"that":[117],"analyzes":[118],"written":[120],"XACML":[123],"language,":[124],"translating":[125],"them":[126,152],"into":[127],"form":[129],"decision-diagram":[131],"answer":[133],"queries.":[134],"It":[135],"provides":[137],"semantic":[138],"differencing":[139],"information":[140],"between":[141],"versions":[142],"We":[145],"have":[146],"implemented":[147],"techniques":[149],"applied":[151],"from":[155],"working":[157],"application.":[159]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":12},{"year":2019,"cited_by_count":13},{"year":2018,"cited_by_count":23},{"year":2017,"cited_by_count":18},{"year":2016,"cited_by_count":31},{"year":2015,"cited_by_count":29},{"year":2014,"cited_by_count":26},{"year":2013,"cited_by_count":24},{"year":2012,"cited_by_count":23}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}