{"id":"https://openalex.org/W2036624647","doi":"https://doi.org/10.1145/1146269.1146294","title":"Empirical privilege profiling","display_name":"Empirical privilege profiling","publication_year":2005,"publication_date":"2005-01-01","ids":{"openalex":"https://openalex.org/W2036624647","doi":"https://doi.org/10.1145/1146269.1146294","mag":"2036624647"},"language":"en","primary_location":{"id":"doi:10.1145/1146269.1146294","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1146269.1146294","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2005 workshop on New security paradigms  - NSPW '05","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5086857950","display_name":"Carla Marceau","orcid":null},"institutions":[{"id":"https://openalex.org/I87424562","display_name":"Ithaca College","ror":"https://ror.org/01kw1gj07","country_code":"US","type":"education","lineage":["https://openalex.org/I87424562"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carla Marceau","raw_affiliation_strings":["ATC-NY, Ithaca, NY"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"ATC-NY, Ithaca, NY","institution_ids":["https://openalex.org/I87424562"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5107791677","display_name":"Rob Joyce","orcid":null},"institutions":[{"id":"https://openalex.org/I87424562","display_name":"Ithaca College","ror":"https://ror.org/01kw1gj07","country_code":"US","type":"education","lineage":["https://openalex.org/I87424562"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rob Joyce","raw_affiliation_strings":["ATC-NY, Ithaca, NY"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"ATC-NY, Ithaca, NY","institution_ids":["https://openalex.org/I87424562"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I87424562"],"apc_list":null,"apc_paid":null,"fwci":0.5479,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.73586678,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"111","last_page":"111"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.8929701447486877},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.7737084627151489},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7187713384628296},{"id":"https://openalex.org/keywords/rule-of-thumb","display_name":"Rule of thumb","score":0.5494508147239685},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4824965000152588},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4685536324977875},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.17107239365577698}],"concepts":[{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.8929701447486877},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.7737084627151489},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7187713384628296},{"id":"https://openalex.org/C89246107","wikidata":"https://www.wikidata.org/wiki/Q1398821","display_name":"Rule of thumb","level":2,"score":0.5494508147239685},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4824965000152588},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4685536324977875},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.17107239365577698}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1146269.1146294","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1146269.1146294","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2005 workshop on New security paradigms  - NSPW '05","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W1511247333","https://openalex.org/W1586807939","https://openalex.org/W1941427975","https://openalex.org/W2041607772","https://openalex.org/W2065076704","https://openalex.org/W2070535792","https://openalex.org/W2107370049","https://openalex.org/W2121034979","https://openalex.org/W2128217000","https://openalex.org/W2137569638","https://openalex.org/W2164055093"],"related_works":["https://openalex.org/W2374400535","https://openalex.org/W2950805198","https://openalex.org/W1603110617","https://openalex.org/W2036433081","https://openalex.org/W2108239983","https://openalex.org/W2892079901","https://openalex.org/W3182610686","https://openalex.org/W2059877472","https://openalex.org/W2134261832","https://openalex.org/W1585653081"],"abstract_inverted_index":{"The":[0],"well-known":[1],"Principle":[2],"of":[3,29,39,96,129,141,144],"Least":[4],"Privilege":[5],"states":[6],"that":[7,16,68],"a":[8,55,66,75,84,92,103,134,142],"program":[9,57,67,76,106],"should":[10],"run":[11],"with":[12,45,77,131],"the":[13,21,30,127],"minimal":[14],"authority":[15],"it":[17],"requires":[18],"to":[19,35,48,87],"get":[20],"job":[22],"done,":[23],"and":[24,42,108,116],"no":[25],"more.":[26],"However,":[27],"application":[28],"principle":[31],"has":[32],"been":[33],"left":[34],"software":[36],"developers,":[37],"developers":[38],"installation":[40],"procedures,":[41],"system":[43],"administrators":[44],"few":[46],"tools":[47],"assist":[49],"them.":[50],"How":[51,59],"much":[52,71],"privilege":[53,72,81,132],"does":[54],"given":[56],"need?":[58],"do":[60],"you":[61,64],"know":[62],"if":[63],"write":[65],"uses":[69],"too":[70,78],"or":[73],"install":[74],"little?":[79],"Empirical":[80],"profiling":[82],"provides":[83],"partial":[85],"answer":[86],"this":[88,123],"question":[89],"by":[90],"tracking":[91],"program's":[93],"actual":[94],"use":[95],"resources,":[97],"which":[98],"can":[99],"be":[100],"used":[101],"as":[102,110,112,133],"guide":[104],"during":[105],"development":[107],"installation,":[109],"well":[111],"for":[113,119],"detecting":[114],"intrusions":[115],"providing":[117],"assurance":[118],"mobile":[120],"code.":[121],"In":[122],"paper,":[124],"we":[125],"introduce":[126],"concept":[128],"dealing":[130],"measurable":[135],"quantity,":[136],"rather":[137],"than":[138],"in":[139],"terms":[140],"\"rule":[143],"thumb.\"":[145]},"counts_by_year":[{"year":2012,"cited_by_count":1}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
