{"id":"https://openalex.org/W2089906257","doi":"https://doi.org/10.1145/2295136.2295158","title":"Practical risk aggregation in RBAC models","display_name":"Practical risk aggregation in RBAC models","publication_year":2012,"publication_date":"2012-06-20","ids":{"openalex":"https://openalex.org/W2089906257","doi":"https://doi.org/10.1145/2295136.2295158","mag":"2089906257"},"language":"en","primary_location":{"id":"doi:10.1145/2295136.2295158","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2295136.2295158","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th ACM symposium on Access Control Models and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048460582","display_name":"Suresh T. Chari","orcid":"https://orcid.org/0000-0002-3924-0971"},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Suresh Chari","raw_affiliation_strings":["IBM Research T.J. Watson, Hawthorne, NY, USA","IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105652031","display_name":"Jorge Lobo","orcid":"https://orcid.org/0000-0002-9438-0926"},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jorge Lobo","raw_affiliation_strings":["IBM Research T.J. Watson, Hawthorne, NY, USA","IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5040348286","display_name":"Ian Molloy","orcid":null},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ian Molloy","raw_affiliation_strings":["IBM Research T.J. Watson, Hawthorne, NY, USA","IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research T.J. Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5048460582"],"corresponding_institution_ids":["https://openalex.org/I1341412227"],"apc_list":null,"apc_paid":null,"fwci":1.2844,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.83645305,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"117","last_page":"118"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10456","display_name":"Multi-Agent Systems and Negotiation","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10456","display_name":"Multi-Agent Systems and Negotiation","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11010","display_name":"Logic, Reasoning, and Knowledge","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.7854225635528564},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.782910943031311},{"id":"https://openalex.org/keywords/code-refactoring","display_name":"Code refactoring","score":0.6874906420707703},{"id":"https://openalex.org/keywords/aggregate","display_name":"Aggregate (composite)","score":0.6586898565292358},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.6028968691825867},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5394829511642456},{"id":"https://openalex.org/keywords/visualization","display_name":"Visualization","score":0.5139696002006531},{"id":"https://openalex.org/keywords/axiom","display_name":"Axiom","score":0.504581093788147},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4796733856201172},{"id":"https://openalex.org/keywords/fuzzy-set","display_name":"Fuzzy set","score":0.47633177042007446},{"id":"https://openalex.org/keywords/fuzzy-logic","display_name":"Fuzzy logic","score":0.4650733470916748},{"id":"https://openalex.org/keywords/product","display_name":"Product (mathematics)","score":0.45470529794692993},{"id":"https://openalex.org/keywords/systematic-risk","display_name":"Systematic risk","score":0.4132130742073059},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38571086525917053},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32650336623191833},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.23673951625823975},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.21484193205833435},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2083611786365509},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.10831424593925476}],"concepts":[{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.7854225635528564},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.782910943031311},{"id":"https://openalex.org/C152752567","wikidata":"https://www.wikidata.org/wiki/Q116877","display_name":"Code refactoring","level":3,"score":0.6874906420707703},{"id":"https://openalex.org/C4679612","wikidata":"https://www.wikidata.org/wiki/Q866298","display_name":"Aggregate (composite)","level":2,"score":0.6586898565292358},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.6028968691825867},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5394829511642456},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.5139696002006531},{"id":"https://openalex.org/C167729594","wikidata":"https://www.wikidata.org/wiki/Q17736","display_name":"Axiom","level":2,"score":0.504581093788147},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4796733856201172},{"id":"https://openalex.org/C42011625","wikidata":"https://www.wikidata.org/wiki/Q1055058","display_name":"Fuzzy set","level":3,"score":0.47633177042007446},{"id":"https://openalex.org/C58166","wikidata":"https://www.wikidata.org/wiki/Q224821","display_name":"Fuzzy logic","level":2,"score":0.4650733470916748},{"id":"https://openalex.org/C90673727","wikidata":"https://www.wikidata.org/wiki/Q901718","display_name":"Product (mathematics)","level":2,"score":0.45470529794692993},{"id":"https://openalex.org/C80212096","wikidata":"https://www.wikidata.org/wiki/Q1975416","display_name":"Systematic risk","level":2,"score":0.4132130742073059},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38571086525917053},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32650336623191833},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23673951625823975},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.21484193205833435},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2083611786365509},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.10831424593925476},{"id":"https://openalex.org/C106159729","wikidata":"https://www.wikidata.org/wiki/Q2294553","display_name":"Financial economics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C159985019","wikidata":"https://www.wikidata.org/wiki/Q181790","display_name":"Composite material","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C192562407","wikidata":"https://www.wikidata.org/wiki/Q228736","display_name":"Materials science","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2295136.2295158","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2295136.2295158","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th ACM symposium on Access Control Models and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6000000238418579,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W1997888312"],"related_works":["https://openalex.org/W2372156812","https://openalex.org/W2374393728","https://openalex.org/W2386545329","https://openalex.org/W2382286253","https://openalex.org/W2356011375","https://openalex.org/W1795360416","https://openalex.org/W2392979115","https://openalex.org/W1969771171","https://openalex.org/W819284483","https://openalex.org/W2370002471"],"abstract_inverted_index":{"This":[0],"paper":[1],"describes":[2],"our":[3],"system,":[4],"built":[5],"as":[6,120,122],"part":[7],"of":[8,25,39,46,48,80],"a":[9,36,93],"commercially":[10],"available":[11],"product,":[12],"for":[13],"inferring":[14],"the":[15,23,78,97,106],"risk":[16,40,67,83,116],"in":[17,117],"an":[18],"RBAC":[19],"policy":[20],"model,":[21],"i.e.,":[22,82],"assignment":[24],"permissions":[26,49,89],"to":[27,31,62,68,92,101,113,137],"roles":[28,30,139],"and":[29,50,140],"users.":[32,51,103],"Our":[33,52],"system":[34],"implements":[35],"general":[37],"model":[38],"based":[41],"on":[42],"any":[43],"arbitrary":[44],"set":[45],"properties":[47],"experience":[53],"shows":[54],"that":[55],"fuzzy":[56,73],"inferencing":[57,74],"systems":[58],"are":[59,90,128],"best":[60],"suited":[61],"capture":[63],"how":[64],"humans":[65],"assign":[66],"such":[69],"assignments.":[70,141],"To":[71],"implement":[72],"practically":[75],"we":[76],"need":[77],"axiom":[79],"monotonicity,":[81],"can":[84,111,132],"not":[85],"decrease":[86],"when":[87,96],"more":[88],"assigned":[91,100],"role":[94,98,118],"or":[95],"is":[99],"fewer":[102],"We":[104],"describe":[105],"visualization":[107],"component":[108],"which":[109,126],"administrators":[110],"use":[112,134],"infer":[114],"aggregate":[115],"assignments":[119,127],"well":[121],"drill":[123],"down":[124],"into":[125],"actually":[129],"risky.":[130],"Administrators":[131],"then":[133],"this":[135],"knowledge":[136],"refactor":[138]},"counts_by_year":[{"year":2016,"cited_by_count":1},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}