{"id":"https://openalex.org/W2056099551","doi":"https://doi.org/10.1145/2462410.2462411","title":"Beyond accountability","display_name":"Beyond accountability","publication_year":2013,"publication_date":"2013-06-05","ids":{"openalex":"https://openalex.org/W2056099551","doi":"https://doi.org/10.1145/2462410.2462411","mag":"2056099551"},"language":"en","primary_location":{"id":"doi:10.1145/2462410.2462411","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2462410.2462411","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM symposium on Access control models and technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010677582","display_name":"Nathalie Baracaldo","orcid":"https://orcid.org/0000-0001-9469-045X"},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nathalie Baracaldo","raw_affiliation_strings":["University of Pittsburgh, Pittsburgh, PA, USA"],"affiliations":[{"raw_affiliation_string":"University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5042767930","display_name":"James Joshi","orcid":"https://orcid.org/0000-0003-4519-9802"},"institutions":[{"id":"https://openalex.org/I170201317","display_name":"University of Pittsburgh","ror":"https://ror.org/01an3r305","country_code":"US","type":"education","lineage":["https://openalex.org/I170201317"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"James Joshi","raw_affiliation_strings":["University of Pittsburgh, Pittsburgh, PA, USA"],"affiliations":[{"raw_affiliation_string":"University of Pittsburgh, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I170201317"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010677582"],"corresponding_institution_ids":["https://openalex.org/I170201317"],"apc_list":null,"apc_paid":null,"fwci":4.8759,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.9495765,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"213","last_page":"224"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":1.0,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":1.0,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9965000152587891,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/obligation","display_name":"Obligation","score":0.7263984680175781},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6812872886657715},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.60289067029953},{"id":"https://openalex.org/keywords/accountability","display_name":"Accountability","score":0.5824949741363525},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.565700352191925},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5516819953918457},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.5150554180145264},{"id":"https://openalex.org/keywords/goodwill","display_name":"Goodwill","score":0.5057387351989746},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.44096386432647705},{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.4311596155166626},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.41835296154022217},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.398449182510376},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3776422142982483},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.10454511642456055},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.0981258749961853}],"concepts":[{"id":"https://openalex.org/C2778447849","wikidata":"https://www.wikidata.org/wiki/Q2648051","display_name":"Obligation","level":2,"score":0.7263984680175781},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6812872886657715},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.60289067029953},{"id":"https://openalex.org/C2776007630","wikidata":"https://www.wikidata.org/wiki/Q2798912","display_name":"Accountability","level":2,"score":0.5824949741363525},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.565700352191925},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5516819953918457},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.5150554180145264},{"id":"https://openalex.org/C2778860618","wikidata":"https://www.wikidata.org/wiki/Q157499","display_name":"Goodwill","level":2,"score":0.5057387351989746},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.44096386432647705},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.4311596155166626},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.41835296154022217},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.398449182510376},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3776422142982483},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.10454511642456055},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0981258749961853},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2462410.2462411","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2462410.2462411","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM symposium on Access control models and technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Decent work and economic growth","score":0.5400000214576721,"id":"https://metadata.un.org/sdg/8"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W27149491","https://openalex.org/W61534595","https://openalex.org/W92760516","https://openalex.org/W102427107","https://openalex.org/W152476282","https://openalex.org/W1545902494","https://openalex.org/W1973007193","https://openalex.org/W1992419399","https://openalex.org/W1992504775","https://openalex.org/W1999781327","https://openalex.org/W2006652217","https://openalex.org/W2010365091","https://openalex.org/W2013611975","https://openalex.org/W2068189899","https://openalex.org/W2068254409","https://openalex.org/W2113436918","https://openalex.org/W2115853608","https://openalex.org/W2121381561","https://openalex.org/W2122516858","https://openalex.org/W2123521920","https://openalex.org/W2126536038","https://openalex.org/W2129124450","https://openalex.org/W2148952798","https://openalex.org/W2154765153","https://openalex.org/W2154889864","https://openalex.org/W2159817467","https://openalex.org/W2182220060","https://openalex.org/W2369295637","https://openalex.org/W3101813170","https://openalex.org/W3139328003","https://openalex.org/W4252934814","https://openalex.org/W6606160508","https://openalex.org/W6648392461"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W2018332730","https://openalex.org/W4387194049","https://openalex.org/W2286217954"],"abstract_inverted_index":{"Recently,":[0],"the":[1,77,90,133,139,142],"importance":[2],"of":[3,8,72,93,141,173],"including":[4],"obligations":[5,65,130,144],"as":[6],"part":[7],"access":[9,27,124],"control":[10,28],"systems":[11],"for":[12,15],"privilege":[13],"management,":[14],"example,":[16],"in":[17],"healthcare":[18],"information":[19],"systems,":[20],"has":[21,46],"been":[22],"well":[23],"recognized.":[24],"In":[25,79],"an":[26,30,94],"system,":[29],"a":[31,42,48,55,59,84,98,103,128,162],"posteriori":[32,60,99,129,163],"obligation":[33,174],"states":[34],"which":[35],"actions":[36],"need":[37],"to":[38,76,105,109,111,119,170],"be":[39],"performed":[40],"by":[41],"user":[43,56],"after":[44],"he":[45],"accessed":[47],"resource.":[49],"There":[50],"is":[51],"no":[52],"guarantee":[53],"that":[54,88,126,157],"will":[57],"fulfill":[58],"obligations.":[61,100,122,164],"Not":[62],"fulfilling":[63,120],"these":[64],"may":[66,158],"incur":[67],"financial":[68],"loss,":[69],"or":[70],"loss":[71],"goodwill":[73],"and":[74,138,150,154,182],"productivity":[75],"organization.":[78],"this":[80],"paper,":[81],"we":[82],"propose":[83,102],"trust-and-obligation":[85],"based":[86],"framework":[87,148,166,179],"reduces":[89],"risk":[91],"exposure":[92],"organization":[95],"associated":[96,143],"with":[97,117],"We":[101,176],"methodology":[104],"assign":[106],"trust":[107,136],"values":[108,137],"users":[110],"indicate":[112],"how":[113],"trustworthy":[114],"they":[115],"are":[116,131,145],"regards":[118],"their":[121],"When":[123],"requests":[125],"trigger":[127],"evaluated,":[132],"requesting":[134],"users'":[135],"criticality":[140],"used.":[146],"Our":[147,165],"detects":[149],"mitigates":[151],"insider":[152],"attacks":[153],"unintentional":[155],"damages":[156],"result":[159],"from":[160],"violating":[161],"also":[167],"provides":[168],"mechanisms":[169],"determine":[171],"misconfigurations":[172],"policies.":[175],"evaluate":[177],"our":[178],"through":[180],"simulations":[181],"demonstrate":[183],"its":[184],"effectiveness.":[185]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}