{"id":"https://openalex.org/W2068612323","doi":"https://doi.org/10.1145/2516951.2516952","title":"Modelling Access Propagation in Dynamic Systems","display_name":"Modelling Access Propagation in Dynamic Systems","publication_year":2013,"publication_date":"2013-09-01","ids":{"openalex":"https://openalex.org/W2068612323","doi":"https://doi.org/10.1145/2516951.2516952","mag":"2068612323"},"language":"en","primary_location":{"id":"doi:10.1145/2516951.2516952","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2516951.2516952","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://zenodo.org/record/3439019","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048866718","display_name":"Thomas A. Leonard","orcid":"https://orcid.org/0000-0001-6853-666X"},"institutions":[{"id":"https://openalex.org/I43439940","display_name":"University of Southampton","ror":"https://ror.org/01ryk1543","country_code":"GB","type":"education","lineage":["https://openalex.org/I43439940"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Thomas Leonard","raw_affiliation_strings":["IT Innovation Centre, University of Southampton"],"affiliations":[{"raw_affiliation_string":"IT Innovation Centre, University of Southampton","institution_ids":["https://openalex.org/I43439940"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054272308","display_name":"Martin Hall-May","orcid":null},"institutions":[{"id":"https://openalex.org/I43439940","display_name":"University of Southampton","ror":"https://ror.org/01ryk1543","country_code":"GB","type":"education","lineage":["https://openalex.org/I43439940"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Martin Hall-May","raw_affiliation_strings":["IT Innovation Centre, University of Southampton"],"affiliations":[{"raw_affiliation_string":"IT Innovation Centre, University of Southampton","institution_ids":["https://openalex.org/I43439940"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077694971","display_name":"Mike Surridge","orcid":"https://orcid.org/0000-0003-1485-7024"},"institutions":[{"id":"https://openalex.org/I43439940","display_name":"University of Southampton","ror":"https://ror.org/01ryk1543","country_code":"GB","type":"education","lineage":["https://openalex.org/I43439940"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Mike Surridge","raw_affiliation_strings":["IT Innovation Centre, University of Southampton"],"affiliations":[{"raw_affiliation_string":"IT Innovation Centre, University of Southampton","institution_ids":["https://openalex.org/I43439940"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5048866718"],"corresponding_institution_ids":["https://openalex.org/I43439940"],"apc_list":null,"apc_paid":null,"fwci":5.851,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.95740562,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"16","issue":"2","first_page":"1","last_page":"31"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8911809325218201},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7830596566200256},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.5789933800697327},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.5435776710510254},{"id":"https://openalex.org/keywords/programmer","display_name":"Programmer","score":0.4893590807914734},{"id":"https://openalex.org/keywords/backup","display_name":"Backup","score":0.456717848777771},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.44030922651290894},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4141901433467865},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.34338968992233276},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2595088481903076},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17546534538269043}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8911809325218201},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7830596566200256},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.5789933800697327},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.5435776710510254},{"id":"https://openalex.org/C2778514511","wikidata":"https://www.wikidata.org/wiki/Q1374194","display_name":"Programmer","level":2,"score":0.4893590807914734},{"id":"https://openalex.org/C2780945871","wikidata":"https://www.wikidata.org/wiki/Q194274","display_name":"Backup","level":2,"score":0.456717848777771},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.44030922651290894},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4141901433467865},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.34338968992233276},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2595088481903076},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17546534538269043}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/2516951.2516952","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2516951.2516952","pdf_url":null,"source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},{"id":"pmh:oai:eprints.soton.ac.uk:372445","is_oa":false,"landing_page_url":"https://eprints.soton.ac.uk/372445/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401019","display_name":"ePrints Soton (University of Southampton)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I43439940","host_organization_name":"University of Southampton","host_organization_lineage":["https://openalex.org/I43439940"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"},{"id":"pmh:oai:zenodo.org:3439019","is_oa":true,"landing_page_url":"https://zenodo.org/record/3439019","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"pmh:oai:zenodo.org:3439019","is_oa":true,"landing_page_url":"https://zenodo.org/record/3439019","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2833455287","display_name":null,"funder_award_id":"225336, SERSCIS","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W10127936","https://openalex.org/W172519447","https://openalex.org/W180090496","https://openalex.org/W191839766","https://openalex.org/W1533541639","https://openalex.org/W1608091202","https://openalex.org/W1696058307","https://openalex.org/W1795022646","https://openalex.org/W1915915253","https://openalex.org/W1987035533","https://openalex.org/W2020992910","https://openalex.org/W2035142022","https://openalex.org/W2056073317","https://openalex.org/W2096174010","https://openalex.org/W2103317919","https://openalex.org/W2108120132","https://openalex.org/W2121780525","https://openalex.org/W2125403226","https://openalex.org/W2126731006","https://openalex.org/W2132334337","https://openalex.org/W2157514610","https://openalex.org/W2167685423","https://openalex.org/W2265839914","https://openalex.org/W2400216756","https://openalex.org/W3141637363","https://openalex.org/W4213161996","https://openalex.org/W4247889999","https://openalex.org/W6607933944"],"related_works":["https://openalex.org/W2105261429","https://openalex.org/W3138978413","https://openalex.org/W2148952798","https://openalex.org/W2237948567","https://openalex.org/W2371270386","https://openalex.org/W4386618948","https://openalex.org/W2378809132","https://openalex.org/W14205470","https://openalex.org/W2355416533","https://openalex.org/W318167434"],"abstract_inverted_index":{"Access":[0,62],"control":[1,32],"is":[2,115,242],"a":[3,15,20,27,66,69,98,108,151,182,194,200,218],"critical":[4],"feature":[5],"of":[6,11,26,68,111,160],"many":[7],"systems,":[8,192],"including":[9],"networks":[10],"services,":[12],"processes":[13],"within":[14,19],"computer,":[16],"and":[17,71,86,100,128,132,147,157,198,235],"objects":[18,125,136],"running":[21],"process.":[22],"The":[23,60],"security":[24],"consequences":[25],"particular":[28],"architecture":[29],"or":[30,53],"access":[31,55,74,129,213],"policy":[33],"are":[34,43,50,57,126,137],"often":[35],"difficult":[36],"to":[37,117,149,189,207,210,221],"determine,":[38],"especially":[39],"where":[40,48,54,134],"some":[41,135],"components":[42,49],"not":[44,138,243],"under":[45,231],"our":[46,228],"control,":[47],"created":[51,127],"dynamically,":[52],"policies":[56,130],"updated":[58],"dynamically.":[59],"SERSCIS":[61],"Modeller":[63],"(SAM)":[64],"takes":[65],"model":[67,190,211],"system":[70],"explores":[72],"how":[73,188,206],"can":[75,80,106],"propagate":[76],"through":[77],"it.":[78],"It":[79,140],"both":[81],"prove":[82],"defined":[83],"safety":[84],"properties":[85],"discover":[87,107,236],"unwanted":[88],"properties.":[89],"By":[90],"defining":[91],"expected":[92],"behaviours,":[93],"recording":[94],"the":[95,167,178,232,238],"results":[96],"as":[97,145],"baseline,":[99],"then":[101],"introducing":[102],"untrusted":[103],"actors,":[104],"SAM":[105,114,176],"wide":[109],"variety":[110],"design":[112,241],"flaws.":[113],"designed":[116],"handle":[118],"dynamic":[119],"systems":[120,133],"(i.e.,":[121],"at":[122],"runtime,":[123],"new":[124,212,233],"modified)":[131],"trusted.":[139],"extends":[141],"previous":[142],"approaches":[143],"such":[144],"Scollar":[146],"Authodox":[148,172],"provide":[150],"programmer-friendly":[152],"syntax":[153],"for":[154],"specifying":[155],"behaviour,":[156],"allows":[158],"modelling":[159],"services":[161],"with":[162,245],"mutually":[163],"suspicious":[164],"clients.":[165],"Taking":[166],"Confused":[168],"Deputy":[169],"example":[170],"from":[171],"we":[173,186,204,226],"show":[174,187,205],"that":[175,217,237],"detects":[177],"attack":[179],"automatically;":[180],"using":[181,199],"web-based":[183],"backup":[184],"service,":[185],"RBAC":[191],"detecting":[193],"missing":[195],"validation":[196],"check;":[197],"proxy":[201,239],"certificate":[202,240],"system,":[203],"extend":[208],"it":[209],"mechanisms.":[214],"On":[215],"discovering":[216],"library":[219],"fails":[220],"follow":[222],"an":[223],"RFC":[224],"precisely,":[225],"re-evaluate":[227],"existing":[229],"models":[230],"assumption":[234],"safe":[244],"this":[246],"library.":[247]},"counts_by_year":[{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":4},{"year":2013,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}