{"id":"https://openalex.org/W2096181863","doi":"https://doi.org/10.1145/1314436.1314441","title":"Security policy compliance with violation management","display_name":"Security policy compliance with violation management","publication_year":2007,"publication_date":"2007-11-02","ids":{"openalex":"https://openalex.org/W2096181863","doi":"https://doi.org/10.1145/1314436.1314441","mag":"2096181863"},"language":"en","primary_location":{"id":"doi:10.1145/1314436.1314441","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1314436.1314441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5112471211","display_name":"Julien Brunel","orcid":"https://orcid.org/0009-0004-3639-6681"},"institutions":[{"id":"https://openalex.org/I4210119061","display_name":"Institut de Recherche en Informatique de Toulouse","ror":"https://ror.org/01rx4qw44","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I205747304","https://openalex.org/I205747304","https://openalex.org/I4210119061","https://openalex.org/I4387153255","https://openalex.org/I4405258862","https://openalex.org/I4405258862"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Julien Brunel","raw_affiliation_strings":["Institut de Recherche en Informatique de Toulouse, Toulouse, France"],"affiliations":[{"raw_affiliation_string":"Institut de Recherche en Informatique de Toulouse, Toulouse, France","institution_ids":["https://openalex.org/I4210119061"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074976207","display_name":"Fr\u00e9d\u00e9ric Cuppens","orcid":"https://orcid.org/0000-0003-1124-2200"},"institutions":[{"id":"https://openalex.org/I12356871","display_name":"T\u00e9l\u00e9com Paris","ror":"https://ror.org/01naq7912","country_code":"FR","type":"education","lineage":["https://openalex.org/I12356871","https://openalex.org/I205703379","https://openalex.org/I4210145102"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Fr\u00e9d\u00e9ric Cuppens","raw_affiliation_strings":["Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France"],"affiliations":[{"raw_affiliation_string":"Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France","institution_ids":["https://openalex.org/I12356871"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011273434","display_name":"Nora Cuppens","orcid":"https://orcid.org/0000-0001-8792-0413"},"institutions":[{"id":"https://openalex.org/I12356871","display_name":"T\u00e9l\u00e9com Paris","ror":"https://ror.org/01naq7912","country_code":"FR","type":"education","lineage":["https://openalex.org/I12356871","https://openalex.org/I205703379","https://openalex.org/I4210145102"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Nora Cuppens","raw_affiliation_strings":["Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France"],"affiliations":[{"raw_affiliation_string":"Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France","institution_ids":["https://openalex.org/I12356871"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059854250","display_name":"Thierry Sans","orcid":null},"institutions":[{"id":"https://openalex.org/I12356871","display_name":"T\u00e9l\u00e9com Paris","ror":"https://ror.org/01naq7912","country_code":"FR","type":"education","lineage":["https://openalex.org/I12356871","https://openalex.org/I205703379","https://openalex.org/I4210145102"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Thierry Sans","raw_affiliation_strings":["Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France"],"affiliations":[{"raw_affiliation_string":"Ecole Nationale Sup\u00e9rieure des T\u00e9l\u00e9communications de Bretagne, Rennes, France","institution_ids":["https://openalex.org/I12356871"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089844896","display_name":"Jean-Paul Bodeveix","orcid":"https://orcid.org/0000-0002-4179-6063"},"institutions":[{"id":"https://openalex.org/I4210119061","display_name":"Institut de Recherche en Informatique de Toulouse","ror":"https://ror.org/01rx4qw44","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I205747304","https://openalex.org/I205747304","https://openalex.org/I4210119061","https://openalex.org/I4387153255","https://openalex.org/I4405258862","https://openalex.org/I4405258862"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Jean-Paul Bodeveix","raw_affiliation_strings":["Institut de Recherche en Informatique de Toulouse, Toulouse, France"],"affiliations":[{"raw_affiliation_string":"Institut de Recherche en Informatique de Toulouse, Toulouse, France","institution_ids":["https://openalex.org/I4210119061"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5112471211"],"corresponding_institution_ids":["https://openalex.org/I4210119061"],"apc_list":null,"apc_paid":null,"fwci":6.1393,"has_fulltext":false,"cited_by_count":23,"citation_normalized_percentile":{"value":0.96097937,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"31","last_page":"40"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/compliance","display_name":"Compliance (psychology)","score":0.7083568572998047},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5011179447174072},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.43882983922958374},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.3262248933315277},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.07882711291313171}],"concepts":[{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.7083568572998047},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5011179447174072},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.43882983922958374},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.3262248933315277},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.07882711291313171},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1314436.1314441","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1314436.1314441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2007 ACM workshop on Formal methods in security engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:publications.polymtl.ca:46783","is_oa":false,"landing_page_url":"https://publications.polymtl.ca/46783/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401013","display_name":"PolyPublie (\u00c9cole Polytechnique de Montr\u00e9al)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I45683168","host_organization_name":"Polytechnique Montr\u00e9al","host_organization_lineage":["https://openalex.org/I45683168"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Communication de conf\u00e9rence"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W1490169100","https://openalex.org/W1524852881","https://openalex.org/W1604636110","https://openalex.org/W1756958128","https://openalex.org/W1950193643","https://openalex.org/W1972568059","https://openalex.org/W1984691540","https://openalex.org/W1993163335","https://openalex.org/W2036910349","https://openalex.org/W2053741629","https://openalex.org/W2068189899","https://openalex.org/W2078590050","https://openalex.org/W2083004560","https://openalex.org/W2102612634","https://openalex.org/W2115853608","https://openalex.org/W2142709564","https://openalex.org/W2144794336","https://openalex.org/W2145500633","https://openalex.org/W2150638401","https://openalex.org/W2160207938","https://openalex.org/W2166602595","https://openalex.org/W2913459036","https://openalex.org/W4235203299","https://openalex.org/W6676869429"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2410395228","https://openalex.org/W2390279801","https://openalex.org/W3125941065","https://openalex.org/W2358668433","https://openalex.org/W2484615095","https://openalex.org/W4366449942","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278"],"abstract_inverted_index":{"A":[0],"security":[1,11,40,102,107,123,136,156],"policy":[2,41,55,58,66,103,124],"of":[3,10,81,132,134],"an":[4,94,149],"information":[5,35,95,150],"system":[6,36,50,78,96,151],"is":[7,59,67,98,114,119],"a":[8,88,161],"set":[9],"requirements":[12,108,127],"that":[13,33,117,128],"correspond":[14],"to":[15,20,115,145,152,164],"permissions,":[16],"prohibitions":[17],"and":[18,43,69],"obligations":[19],"execute":[21],"some":[22,25,106],"actions":[23,46,72],"when":[24,121],"contextual":[26],"conditions":[27,144,168],"are":[28,51,73,169],"satisfied.":[29],"Traditional":[30],"approaches":[31],"consider":[32,116],"the":[34,54,57,65,77,122],"enforces":[37],"its":[38,101,155],"associated":[39],"if":[42,45,166],"only":[44],"executed":[47,75],"in":[48,76,92,130],"this":[49,84,118,139],"permitted":[52],"by":[53,148],"(if":[56,64],"closed)":[60],"or":[61],"not":[62],"prohibited":[63],"open)":[68],"every":[70],"obligatory":[71],"actually":[74],"(no":[79],"violation":[80,133],"obligations).":[82],"In":[83,138],"paper,":[85],"we":[86,141],"investigate":[87],"more":[89],"sophisticated":[90],"approach":[91,163],"which":[93],"specification":[97],"compliant":[99],"with":[100,154],"even":[104],"though":[105],"may":[109],"be":[110,146],"violated.":[111],"Our":[112],"proposal":[113],"acceptable":[120],"specifies":[125],"additional":[126],"apply":[129],"case":[131],"other":[135],"requirements.":[137],"case,":[140],"formally":[142],"define":[143],"satisfied":[147],"comply":[153],"policy.":[157],"We":[158],"then":[159],"present":[160],"proof-based":[162],"check":[165],"these":[167],"enforced.":[170]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":4},{"year":2012,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}