{"id":"https://openalex.org/W2026077424","doi":"https://doi.org/10.1145/1852666.1852736","title":"Reasoning about policy noncompliance","display_name":"Reasoning about policy noncompliance","publication_year":2010,"publication_date":"2010-04-21","ids":{"openalex":"https://openalex.org/W2026077424","doi":"https://doi.org/10.1145/1852666.1852736","mag":"2026077424"},"language":"en","primary_location":{"id":"doi:10.1145/1852666.1852736","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1852666.1852736","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063710569","display_name":"R. Baird","orcid":null},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Baird","raw_affiliation_strings":["University of Tulsa, Tulsa, OK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Tulsa, Tulsa, OK","institution_ids":["https://openalex.org/I87208437"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088977884","display_name":"Rose Gamble","orcid":null},"institutions":[{"id":"https://openalex.org/I87208437","display_name":"University of Tulsa","ror":"https://ror.org/04wn28048","country_code":"US","type":"education","lineage":["https://openalex.org/I87208437"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Gamble","raw_affiliation_strings":["University of Tulsa, Tulsa, OK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Tulsa, Tulsa, OK","institution_ids":["https://openalex.org/I87208437"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I87208437"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.10311114,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"4"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T13295","display_name":"Safety Systems Engineering in Autonomy","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/2213","display_name":"Safety, Risk, Reliability and Quality"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/tuple","display_name":"Tuple","score":0.8180651068687439},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.7893860936164856},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.7693275809288025},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7541698217391968},{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.6648886203765869},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5926622152328491},{"id":"https://openalex.org/keywords/notation","display_name":"Notation","score":0.5797873139381409},{"id":"https://openalex.org/keywords/security-controls","display_name":"Security controls","score":0.47666245698928833},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4679528474807739},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.45296502113342285},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.4439109265804291},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.28168612718582153},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.23319539427757263},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2023075819015503},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.16802874207496643},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.15131759643554688},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.10845154523849487},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.09685340523719788},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.09395411610603333}],"concepts":[{"id":"https://openalex.org/C118930307","wikidata":"https://www.wikidata.org/wiki/Q600590","display_name":"Tuple","level":2,"score":0.8180651068687439},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.7893860936164856},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.7693275809288025},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7541698217391968},{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.6648886203765869},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5926622152328491},{"id":"https://openalex.org/C45357846","wikidata":"https://www.wikidata.org/wiki/Q2001982","display_name":"Notation","level":2,"score":0.5797873139381409},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.47666245698928833},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4679528474807739},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.45296502113342285},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.4439109265804291},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.28168612718582153},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.23319539427757263},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2023075819015503},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.16802874207496643},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.15131759643554688},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.10845154523849487},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.09685340523719788},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.09395411610603333},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/1852666.1852736","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1852666.1852736","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.432.3606","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.432.3606","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.seat.utulsa.edu/papers/Baird-Reasoning_about_Policy_Noncompliance.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.41999998688697815,"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals"}],"awards":[{"id":"https://openalex.org/G3630431747","display_name":null,"funder_award_id":"FA-9550-09-1-0409","funder_id":"https://openalex.org/F4320338279","funder_display_name":"Air Force Office of Scientific Research"}],"funders":[{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":6,"referenced_works":["https://openalex.org/W1979967632","https://openalex.org/W2114409954","https://openalex.org/W2117046460","https://openalex.org/W2140031625","https://openalex.org/W2160651569","https://openalex.org/W2169892910"],"related_works":["https://openalex.org/W2158491338","https://openalex.org/W2807901368","https://openalex.org/W2133733652","https://openalex.org/W2072658171","https://openalex.org/W2606392311","https://openalex.org/W2910925591","https://openalex.org/W2773161380","https://openalex.org/W1964579175","https://openalex.org/W2930458324","https://openalex.org/W2293554594"],"abstract_inverted_index":{"In":[0],"this":[1],"paper,":[2],"we":[3],"introduce":[4],"a":[5],"tuple":[6],"notation":[7],"for":[8],"noncompliance":[9],"that":[10],"represents":[11],"certification":[12],"problems":[13],"when":[14],"meeting":[15],"security":[16,24,51,77],"controls":[17,25],"in":[18,81],"distributed,":[19],"multi-component":[20,83],"software":[21],"systems.":[22],"The":[23],"are":[26],"adopted":[27],"from":[28,38,57],"NIST":[29],"SP800-53":[30],"and":[31,41,66,79],"DoD":[32],"8500.2":[33],"documents.":[34],"We":[35],"derive":[36],"tuples":[37],"component":[39],"policies":[40],"interactions,":[42],"along":[43],"with":[44,48],"the":[45,50,64,82],"risks":[46],"associated":[47],"violating":[49],"controls.":[52],"Tuples":[53],"can":[54,71],"be":[55,73],"clustered":[56],"different":[58],"perspectives,":[59],"reasoned":[60],"about":[61],"to":[62,75],"target":[63],"cause":[65],"strength":[67],"of":[68],"noncompliance.":[69],"They":[70],"also":[72],"mapped":[74],"specific":[76],"concerns":[78],"weaknesses":[80],"architecture.":[84]},"counts_by_year":[],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
