{"id":"https://openalex.org/W1975449217","doi":"https://doi.org/10.1145/1063979.1063982","title":"Composing and combining policies under the policy machine","display_name":"Composing and combining policies under the policy machine","publication_year":2005,"publication_date":"2005-06-01","ids":{"openalex":"https://openalex.org/W1975449217","doi":"https://doi.org/10.1145/1063979.1063982","mag":"1975449217"},"language":"en","primary_location":{"id":"doi:10.1145/1063979.1063982","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1063979.1063982","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the tenth ACM symposium on Access control models and technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111935961","display_name":"David F. Ferraiolo","orcid":null},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"David F. Ferraiolo","raw_affiliation_strings":["National Institute of Standards and Technology, Gaithersburg, MD"],"affiliations":[{"raw_affiliation_string":"National Institute of Standards and Technology, Gaithersburg, MD","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090713458","display_name":"Serban I. Gavrila","orcid":null},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Serban Gavrila","raw_affiliation_strings":["National Institute of Standards and Technology, Gaithersburg, MD"],"affiliations":[{"raw_affiliation_string":"National Institute of Standards and Technology, Gaithersburg, MD","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091259454","display_name":"Vincent C. Hu","orcid":"https://orcid.org/0000-0002-1646-0584"},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Vincent Hu","raw_affiliation_strings":["National Institute of Standards and Technology, Gaithersburg, MD"],"affiliations":[{"raw_affiliation_string":"National Institute of Standards and Technology, Gaithersburg, MD","institution_ids":["https://openalex.org/I1321296531"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011985891","display_name":"D. Richard Kuhn","orcid":"https://orcid.org/0000-0003-0050-1596"},"institutions":[{"id":"https://openalex.org/I1321296531","display_name":"National Institute of Standards and Technology","ror":"https://ror.org/05xpvk416","country_code":"US","type":"funder","lineage":["https://openalex.org/I1321296531","https://openalex.org/I1343035065"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"D. Richard Kuhn","raw_affiliation_strings":["National Institute of Standards and Technology, Gaithersburg, MD"],"affiliations":[{"raw_affiliation_string":"National Institute of Standards and Technology, Gaithersburg, MD","institution_ids":["https://openalex.org/I1321296531"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5111935961"],"corresponding_institution_ids":["https://openalex.org/I1321296531"],"apc_list":null,"apc_paid":null,"fwci":13.9156,"has_fulltext":false,"cited_by_count":33,"citation_normalized_percentile":{"value":0.98316364,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"11","last_page":"20"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9908000230789185,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.8003743290901184},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7244266867637634},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.6744666695594788},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.6074205636978149},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.5733870267868042},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.5579560995101929},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5479282736778259},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5193982720375061},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.4940031170845032},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.47822898626327515},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.46717318892478943},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.44011980295181274},{"id":"https://openalex.org/keywords/discretionary-access-control","display_name":"Discretionary access control","score":0.4388399124145508},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4320448935031891},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.4304351508617401},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.27904006838798523},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.19486096501350403}],"concepts":[{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.8003743290901184},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7244266867637634},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.6744666695594788},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.6074205636978149},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.5733870267868042},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.5579560995101929},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5479282736778259},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5193982720375061},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.4940031170845032},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.47822898626327515},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.46717318892478943},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.44011980295181274},{"id":"https://openalex.org/C48814466","wikidata":"https://www.wikidata.org/wiki/Q1228590","display_name":"Discretionary access control","level":4,"score":0.4388399124145508},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4320448935031891},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.4304351508617401},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.27904006838798523},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.19486096501350403},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1063979.1063982","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1063979.1063982","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the tenth ACM symposium on Access control models and technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7200000286102295,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W157928049","https://openalex.org/W191839766","https://openalex.org/W342293290","https://openalex.org/W1525261894","https://openalex.org/W1991895580","https://openalex.org/W2012419258","https://openalex.org/W2065076704","https://openalex.org/W2071330662","https://openalex.org/W2081186654","https://openalex.org/W2095881341","https://openalex.org/W2134296086","https://openalex.org/W2148952798","https://openalex.org/W2166602595","https://openalex.org/W4211218509"],"related_works":["https://openalex.org/W2148952798","https://openalex.org/W3138978413","https://openalex.org/W2371270386","https://openalex.org/W4386618948","https://openalex.org/W2358662376","https://openalex.org/W2387530238","https://openalex.org/W2382286253","https://openalex.org/W1993439489","https://openalex.org/W318167434","https://openalex.org/W1503896993"],"abstract_inverted_index":{"As":[0],"a":[1,16,32,36,47,52,106,164],"major":[2],"component":[3],"of":[4,19,38,51,74,91,117,138,166],"any":[5],"host,":[6],"or":[7,142,177],"network":[8],"operating":[9],"system,":[10],"access":[11,54,80,108,180],"control":[12,55,81,109],"mechanisms":[13],"come":[14],"in":[15,49,68,71,115,173],"wide":[17],"variety":[18],"forms,":[20],"each":[21],"with":[22],"their":[23,153],"individual":[24],"attributes,":[25],"functions,":[26,169],"methods":[27],"for":[28],"configuring":[29],"policy,":[30],"and":[31,76,98,125,133,150,152,158],"tight":[33],"coupling":[34],"to":[35,58,104,121,130,175],"class":[37],"policies.":[39,82],"To":[40],"afford":[41],"generalized":[42],"protection,":[43],"NIST":[44],"has":[45],"initiated":[46],"project":[48],"pursuit":[50],"standardized":[53],"mechanism,":[56,110],"referred":[57],"as":[59],"the":[60,72,85,113,146],"Policy":[61],"Machine":[62],"(PM)":[63],"that":[64,127,170],"requires":[65],"changes":[66],"only":[67],"its":[69,136],"configuration":[70,132],"enforcement":[73],"arbitrary":[75],"organization":[77],"specific":[78],"attribute-based":[79],"Included":[83],"among":[84],"PM's":[86],"enforceable":[87],"policies":[88,162],"are":[89,128,171],"combinations":[90],"policy":[92,131,144,156],"instances":[93],"(e.g.,":[94],"Role-Based":[95],"Access":[96],"Control":[97],"Multi-Level":[99],"Security).":[100],"In":[101,135],"our":[102],"effort":[103],"devise":[105],"generic":[107],"we":[111,119],"construct":[112],"PM":[114,147,168],"terms":[116],"what":[118],"believe":[120],"be":[122],"abstractions,":[123],"properties":[124],"functions":[126],"fundamental":[129],"enforcement.":[134],"protection":[137],"objects":[139,151],"under":[140],"one":[141],"more":[143],"instances,":[145],"categorizes":[148],"users":[149],"attributes":[154],"into":[155],"classes,":[157],"transparently":[159],"enforces":[160],"these":[161],"through":[163],"series":[165],"fixed":[167],"invoked":[172],"response":[174],"user":[176],"subject":[178],"(process)":[179],"requests.":[181]},"counts_by_year":[{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":6},{"year":2014,"cited_by_count":3},{"year":2012,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}