{"id":"https://openalex.org/W2131709641","doi":"https://doi.org/10.1145/1455518.1455520","title":"Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems","display_name":"Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems","publication_year":2008,"publication_date":"2008-12-01","ids":{"openalex":"https://openalex.org/W2131709641","doi":"https://doi.org/10.1145/1455518.1455520","mag":"2131709641"},"language":"en","primary_location":{"id":"doi:10.1145/1455518.1455520","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1455518.1455520","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032842781","display_name":"Adam J. Lee","orcid":"https://orcid.org/0000-0002-2596-7256"},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Adam J. Lee","raw_affiliation_strings":["University of Pittsburgh"],"affiliations":[{"raw_affiliation_string":"University of Pittsburgh","institution_ids":["https://openalex.org/I170201317"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011314280","display_name":"Marianne Winslett","orcid":"https://orcid.org/0000-0002-3935-7168"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Marianne Winslett","raw_affiliation_strings":["University of Illinois at Urbana-Champaign","University of Illinois at Urbana Champaign"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign","institution_ids":["https://openalex.org/I157725225"]},{"raw_affiliation_string":"University of Illinois at Urbana Champaign","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5032842781"],"corresponding_institution_ids":["https://openalex.org/I170201317"],"apc_list":null,"apc_paid":null,"fwci":9.7917,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.97511648,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":"12","issue":"2","first_page":"1","last_page":"33"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8530473113059998},{"id":"https://openalex.org/keywords/consistency","display_name":"Consistency (knowledge bases)","score":0.8147545456886292},{"id":"https://openalex.org/keywords/eventual-consistency","display_name":"Eventual consistency","score":0.5864449143409729},{"id":"https://openalex.org/keywords/weak-consistency","display_name":"Weak consistency","score":0.5397982597351074},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.5174999237060547},{"id":"https://openalex.org/keywords/negotiation","display_name":"Negotiation","score":0.5173489451408386},{"id":"https://openalex.org/keywords/consistency-model","display_name":"Consistency model","score":0.49729421734809875},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.49665194749832153},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4535381495952606},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.4526899755001068},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.43245378136634827},{"id":"https://openalex.org/keywords/strong-consistency","display_name":"Strong consistency","score":0.42600396275520325},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.42476218938827515},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4115445613861084},{"id":"https://openalex.org/keywords/data-consistency","display_name":"Data consistency","score":0.2573194205760956}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8530473113059998},{"id":"https://openalex.org/C2776436953","wikidata":"https://www.wikidata.org/wiki/Q5163215","display_name":"Consistency (knowledge bases)","level":2,"score":0.8147545456886292},{"id":"https://openalex.org/C34422012","wikidata":"https://www.wikidata.org/wiki/Q6125872","display_name":"Eventual consistency","level":4,"score":0.5864449143409729},{"id":"https://openalex.org/C122377713","wikidata":"https://www.wikidata.org/wiki/Q4422799","display_name":"Weak consistency","level":4,"score":0.5397982597351074},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.5174999237060547},{"id":"https://openalex.org/C199776023","wikidata":"https://www.wikidata.org/wiki/Q202875","display_name":"Negotiation","level":2,"score":0.5173489451408386},{"id":"https://openalex.org/C37279795","wikidata":"https://www.wikidata.org/wiki/Q2492305","display_name":"Consistency model","level":3,"score":0.49729421734809875},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.49665194749832153},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4535381495952606},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.4526899755001068},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.43245378136634827},{"id":"https://openalex.org/C31388003","wikidata":"https://www.wikidata.org/wiki/Q7624548","display_name":"Strong consistency","level":3,"score":0.42600396275520325},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.42476218938827515},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4115445613861084},{"id":"https://openalex.org/C93361087","wikidata":"https://www.wikidata.org/wiki/Q4426698","display_name":"Data consistency","level":2,"score":0.2573194205760956},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C185429906","wikidata":"https://www.wikidata.org/wiki/Q1130160","display_name":"Estimator","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/1455518.1455520","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1455518.1455520","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},{"id":"pmh:oai:d-scholarship.pitt.edu:16451","is_oa":false,"landing_page_url":"http://d-scholarship.pitt.edu/16451/1/licence.txt","pdf_url":null,"source":{"id":"https://openalex.org/S4306402375","display_name":"D-Scholarship@Pitt (University of Pittsburgh)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I170201317","host_organization_name":"University of Pittsburgh","host_organization_lineage":["https://openalex.org/I170201317"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.500.782","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.500.782","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://people.cs.pitt.edu/~adamlee/pubs/2008/tissec08b.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.76.1336","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.76.1336","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://dais.cs.uiuc.edu/~adamlee/pubs/2007/consistency_tissec_preprint.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1423499882","display_name":null,"funder_award_id":"DOE SNL 541065","funder_id":"https://openalex.org/F4320338291","funder_display_name":"Sandia National Laboratories"},{"id":"https://openalex.org/G1434113612","display_name":null,"funder_award_id":"IIS-0331707","funder_id":"https://openalex.org/F4320337389","funder_display_name":"Division of Information and Intelligent Systems"},{"id":"https://openalex.org/G4601865311","display_name":null,"funder_award_id":"CNS-0325951","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"},{"id":"https://openalex.org/G5534768124","display_name":null,"funder_award_id":"CNS-0524695","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"}],"funders":[{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"},{"id":"https://openalex.org/F4320337389","display_name":"Division of Information and Intelligent Systems","ror":"https://ror.org/053a2cp42"},{"id":"https://openalex.org/F4320338291","display_name":"Sandia National Laboratories","ror":"https://ror.org/01apwpt12"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W1501620459","https://openalex.org/W1508143344","https://openalex.org/W1518712071","https://openalex.org/W1529718300","https://openalex.org/W1574845526","https://openalex.org/W1580858050","https://openalex.org/W1627303300","https://openalex.org/W1852513433","https://openalex.org/W1968556863","https://openalex.org/W1993505169","https://openalex.org/W2008524185","https://openalex.org/W2029601347","https://openalex.org/W2037231459","https://openalex.org/W2077298707","https://openalex.org/W2095202767","https://openalex.org/W2096167494","https://openalex.org/W2096683148","https://openalex.org/W2111887123","https://openalex.org/W2120846431","https://openalex.org/W2122440889","https://openalex.org/W2130103312","https://openalex.org/W2131053137","https://openalex.org/W2132334337","https://openalex.org/W2138916465","https://openalex.org/W2140166593","https://openalex.org/W2144279894","https://openalex.org/W2147432139","https://openalex.org/W2150500287","https://openalex.org/W2290132939","https://openalex.org/W2466575204","https://openalex.org/W3093384223","https://openalex.org/W3137220996","https://openalex.org/W3143338349","https://openalex.org/W3143968418","https://openalex.org/W4229838822","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2949587676","https://openalex.org/W4301894417","https://openalex.org/W2901980169","https://openalex.org/W4292345996","https://openalex.org/W3010022189","https://openalex.org/W2144153901","https://openalex.org/W2949499328","https://openalex.org/W2766331953","https://openalex.org/W246909719","https://openalex.org/W2560551601"],"abstract_inverted_index":{"In":[0,87],"trust":[1,63],"negotiation":[2,64],"and":[3,39,42,65,147,172,206,211,232],"other":[4,100],"forms":[5],"of":[6,15,22,36,48,53,72,81,96,102,107,120,161,179,192,196,214,222,252],"distributed":[7,66,103,143,145,148],"proving,":[8],"networked":[9],"entities":[10,38,131],"cooperate":[11],"to":[12,132,154,164,198,236],"form":[13],"proofs":[14],"authorization":[16,82],"that":[17,92,156,181,189,260],"are":[18,40],"justified":[19],"by":[20],"collections":[21,52],"certified":[23],"attribute":[24],"credentials.":[25],"These":[26,244],"attributes":[27],"may":[28],"be":[29,85,199],"obtained":[30],"through":[31],"interactions":[32],"with":[33,203],"any":[34],"number":[35],"external":[37],"collected":[41],"validated":[43],"over":[44],"an":[45],"extended":[46],"period":[47],"time.":[49],"Although":[50],"these":[51,193,215,253],"credentials":[54],"in":[55,77,99,134,142,201,226,241],"some":[56],"ways":[57],"resemble":[58],"partial":[59],"system":[60],"snapshots,":[61],"current":[62],"proving":[67],"systems":[68],"lack":[69],"the":[70,79,94,105,117,121,157,220,227,237,247,257],"notion":[71,160,221],"a":[73],"consistent":[74],"global":[75],"state":[76],"which":[78],"satisfaction":[80],"policies":[83],"should":[84],"checked.":[86],"this":[88,242],"article,":[89],"we":[90,218],"argue":[91],"unlike":[93],"notions":[95,178,195],"consistency":[97,108,136,162,180,197,228,258],"studied":[98],"areas":[101],"computing,":[104,144],"level":[106],"required":[109],"during":[110],"policy":[111,122],"evaluation":[112],"is":[113,127],"predicated":[114],"solely":[115],"upon":[116],"security":[118,210],"requirements":[119],"evaluator.":[123],"As":[124],"such,":[125],"there":[126],"little":[128],"incentive":[129],"for":[130],"participate":[133],"complicated":[135],"preservation":[137],"schemes":[138],"like":[139],"those":[140],"used":[141],"databases,":[146],"shared":[149],"memory.":[150],"We":[151,186],"go":[152],"on":[153],"show":[155],"most":[158],"intuitive":[159],"fails":[163],"provide":[165,182,187],"basic":[166],"safety":[167,184],"guarantees":[168],"under":[169],"certain":[170],"circumstances":[171],"then":[173],"propose":[174,233],"several":[175,209,234],"more":[176],"refined":[177,194],"stronger":[183],"guarantees.":[185],"algorithms":[188,239,254],"allow":[190],"each":[191],"attained":[200],"practice":[202],"minimal":[204],"overheads":[205],"formally":[207],"prove":[208],"privacy":[212],"properties":[213,251],"algorithms.":[216],"Lastly,":[217],"explore":[219],"strategic":[223],"design":[224],"trade-offs":[225],"enforcement":[229],"algorithm":[230],"space":[231],"modifications":[235,245],"core":[238],"presented":[240],"article.":[243],"enhance":[246],"privacy-preservation":[248],"or":[249],"completeness":[250],"without":[255],"altering":[256],"constraints":[259],"they":[261],"enforce.":[262]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}