{"id":"https://openalex.org/W2131903956","doi":"https://doi.org/10.1145/1314436.1314439","title":"A simple and expressive semantic framework for policy composition in access control","display_name":"A simple and expressive semantic framework for policy composition in access control","publication_year":2007,"publication_date":"2007-11-02","ids":{"openalex":"https://openalex.org/W2131903956","doi":"https://doi.org/10.1145/1314436.1314439","mag":"2131903956"},"language":"en","primary_location":{"id":"doi:10.1145/1314436.1314439","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1314436.1314439","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024448854","display_name":"Glenn Bruns","orcid":null},"institutions":[{"id":"https://openalex.org/I1322087612","display_name":"Alcatel Lucent (Germany)","ror":"https://ror.org/00c5mwp75","country_code":"DE","type":"company","lineage":["https://openalex.org/I1322087612"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Glenn Bruns","raw_affiliation_strings":["Alcatel-Lucent, Lisle, IL","Alcatel-Lucent, Lisle, IL#TAB#"],"affiliations":[{"raw_affiliation_string":"Alcatel-Lucent, Lisle, IL","institution_ids":[]},{"raw_affiliation_string":"Alcatel-Lucent, Lisle, IL#TAB#","institution_ids":["https://openalex.org/I1322087612"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079756402","display_name":"Daniel S. Dantas","orcid":null},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Daniel S Dantas","raw_affiliation_strings":["Princeton University, Princeton, NJ"],"affiliations":[{"raw_affiliation_string":"Princeton University, Princeton, NJ","institution_ids":["https://openalex.org/I20089843"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5105928180","display_name":"Michael Huth","orcid":"https://orcid.org/0000-0001-9229-3055"},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Michael Huth","raw_affiliation_strings":["Imperial College London, London, England UK","[Imperial College London, London, England, UK]"],"affiliations":[{"raw_affiliation_string":"Imperial College London, London, England UK","institution_ids":["https://openalex.org/I47508984"]},{"raw_affiliation_string":"[Imperial College London, London, England, UK]","institution_ids":["https://openalex.org/I47508984"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5024448854"],"corresponding_institution_ids":["https://openalex.org/I1322087612"],"apc_list":null,"apc_paid":null,"fwci":20.487,"has_fulltext":false,"cited_by_count":55,"citation_normalized_percentile":{"value":0.99093993,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"12","last_page":"21"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9632999897003174,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8093140721321106},{"id":"https://openalex.org/keywords/combinatory-logic","display_name":"Combinatory logic","score":0.7759768962860107},{"id":"https://openalex.org/keywords/predicate","display_name":"Predicate (mathematical logic)","score":0.6116479635238647},{"id":"https://openalex.org/keywords/composition","display_name":"Composition (language)","score":0.5700773000717163},{"id":"https://openalex.org/keywords/simple","display_name":"Simple (philosophy)","score":0.48671868443489075},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4644688665866852},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.44908469915390015},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4079242944717407},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22988063097000122},{"id":"https://openalex.org/keywords/linguistics","display_name":"Linguistics","score":0.10731580853462219}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8093140721321106},{"id":"https://openalex.org/C79678938","wikidata":"https://www.wikidata.org/wiki/Q1481571","display_name":"Combinatory logic","level":2,"score":0.7759768962860107},{"id":"https://openalex.org/C140146324","wikidata":"https://www.wikidata.org/wiki/Q1144319","display_name":"Predicate (mathematical logic)","level":2,"score":0.6116479635238647},{"id":"https://openalex.org/C40231798","wikidata":"https://www.wikidata.org/wiki/Q1333743","display_name":"Composition (language)","level":2,"score":0.5700773000717163},{"id":"https://openalex.org/C2780586882","wikidata":"https://www.wikidata.org/wiki/Q7520643","display_name":"Simple (philosophy)","level":2,"score":0.48671868443489075},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4644688665866852},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.44908469915390015},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4079242944717407},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22988063097000122},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.10731580853462219},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1145/1314436.1314439","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1314436.1314439","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.112.3337","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.112.3337","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.princeton.edu/~ddantas/fmse07.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.165.8826","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.165.8826","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://pubs.doc.ic.ac.uk/expressive-framework-access/expressive-framework-access.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.597.3670","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.597.3670","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://ect.bell-labs.com/who/grb/pubs/fmse07.pdf","raw_type":"text"},{"id":"pmh:oai:spiral.imperial.ac.uk:10044/1/5694","is_oa":false,"landing_page_url":"http://hdl.handle.net/10044/1/5694","pdf_url":null,"source":{"id":"https://openalex.org/S4306401396","display_name":"Spiral (Imperial College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I47508984","host_organization_name":"Imperial College London","host_organization_lineage":["https://openalex.org/I47508984"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Formal Methods in Security Engineering: From Specifications to Code","raw_type":"Conference Paper"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6399999856948853,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320335354","display_name":"Strategic Research Council","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W136232721","https://openalex.org/W153093637","https://openalex.org/W1483568252","https://openalex.org/W1487409515","https://openalex.org/W1492689271","https://openalex.org/W1599739130","https://openalex.org/W1606448752","https://openalex.org/W1635116973","https://openalex.org/W1644112624","https://openalex.org/W1929949284","https://openalex.org/W1987339920","https://openalex.org/W1995375207","https://openalex.org/W2001805670","https://openalex.org/W2012419258","https://openalex.org/W2043100293","https://openalex.org/W2057345152","https://openalex.org/W2069491156","https://openalex.org/W2093713825","https://openalex.org/W2097723210","https://openalex.org/W2103317919","https://openalex.org/W2119028688","https://openalex.org/W2135665381","https://openalex.org/W4285719527","https://openalex.org/W6675844770","https://openalex.org/W7048190923"],"related_works":["https://openalex.org/W2026765907","https://openalex.org/W4307413753","https://openalex.org/W1975604118","https://openalex.org/W119766800","https://openalex.org/W2313450777","https://openalex.org/W2162268423","https://openalex.org/W2988498873","https://openalex.org/W4242826518","https://openalex.org/W808564355","https://openalex.org/W4302028324"],"abstract_inverted_index":{"In":[0],"defining":[1],"large,":[2],"complex":[3],"access":[4,49,125],"control":[5,126],"policies,":[6,127],"one":[7],"would":[8],"like":[9],"to":[10,28,58,67,82,84,156],"compose":[11],"sub-policies,":[12],"perhaps":[13],"authored":[14],"by":[15],"different":[16],"organizations,":[17],"into":[18],"a":[19,52,95,104,141],"single":[20],"global":[21],"policy.":[22],"Existing":[23],"policy":[24,41,87,101,111,136,159],"composition":[25],"approaches":[26],"tend":[27],"be":[29],"ad-hoc,":[30],"and":[31,128,145],"do":[32],"not":[33],"explain":[34],"whether":[35],"too":[36,39],"many":[37],"or":[38,63],"few":[40],"combinators":[42],"have":[43],"been":[44],"defined.":[45],"We":[46,89,113],"define":[47,114],"an":[48],"controlpolicy":[50],"as":[51,86],"four-valued":[53],"predicate":[54],"that":[55,91,118,147],"maps":[56],"accesses":[57],"either":[59],"grant,":[60],"deny,":[61],"conflict,":[62],"unspecified.":[64],"These":[65],"correspond":[66],"the":[68,72,122,130],"four":[69],"elements":[70],"of":[71,110,124,132,158],"Belnap":[73],"bilattice.":[74],"Functions":[75],"on":[76],"this":[77,92],"bilattice":[78],"are":[79,119],"then":[80],"extended":[81],"policies":[83],"serve":[85],"combinators.":[88,112],"argue":[90],"approach":[93],"provides":[94],"simple":[96],"andnatural":[97],"semantic":[98],"framework":[99],"for":[100,121],"composition,":[102],"with":[103],"minimal":[105],"but":[106],"functionally":[107],"complete":[108],"set":[109],"derived,":[115],"higher-level":[116],"operators":[117],"convenient":[120],"specification":[123],"enable":[129],"decoupling":[131],"conflict":[133,154],"resolution":[134],"from":[135],"composition.":[137],"Finally,":[138],"we":[139],"propose":[140],"basic":[142],"query":[143],"language":[144],"show":[146],"it":[148],"can":[149],"reduce":[150],"important":[151],"analyses":[152],"(e.g.,":[153],"analysis)":[155],"checks":[157],"refinement.":[160],"Copyright":[161],"2007":[162],"ACM.":[163]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2015,"cited_by_count":5},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":11}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}