{"id":"https://openalex.org/W2294743843","doi":"https://doi.org/10.1145/2829949","title":"Using Architecture to Reason about Information Security","display_name":"Using Architecture to Reason about Information Security","publication_year":2015,"publication_date":"2015-12-09","ids":{"openalex":"https://openalex.org/W2294743843","doi":"https://doi.org/10.1145/2829949","mag":"2294743843"},"language":"en","primary_location":{"id":"doi:10.1145/2829949","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2829949","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2829949?download=true","source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2829949?download=true","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Stephen Chong","orcid":null},"institutions":[{"id":"https://openalex.org/I2801851002","display_name":"Harvard University Press","ror":"https://ror.org/006v7bf86","country_code":"US","type":"other","lineage":["https://openalex.org/I136199984","https://openalex.org/I2801851002"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Stephen Chong","raw_affiliation_strings":["Harvard University, Cambridge, MA"],"affiliations":[{"raw_affiliation_string":"Harvard University, Cambridge, MA","institution_ids":["https://openalex.org/I2801851002"]}]},{"author_position":"last","author":{"id":null,"display_name":"Ron Van Der Meyden","orcid":null},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Ron Van Der Meyden","raw_affiliation_strings":["UNSW Australia, Sydney, NSW, Australia"],"affiliations":[{"raw_affiliation_string":"UNSW Australia, Sydney, NSW, Australia","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I2801851002"],"apc_list":null,"apc_paid":null,"fwci":2.6706,"has_fulltext":true,"cited_by_count":8,"citation_normalized_percentile":{"value":0.92129803,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"18","issue":"2","first_page":"1","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.7289000153541565,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.7289000153541565,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.23229999840259552,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.008100000210106373,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.7688999772071838},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6292999982833862},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.5770000219345093},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.5706999897956848},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5435000061988831},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.5098000168800354},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.487199991941452},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.4059000015258789},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.3873000144958496}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8414999842643738},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.7688999772071838},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6292999982833862},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.5770000219345093},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.5706999897956848},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5435000061988831},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.5098000168800354},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5019000172615051},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.487199991941452},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.4059000015258789},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.3873000144958496},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3666999936103821},{"id":"https://openalex.org/C31139447","wikidata":"https://www.wikidata.org/wiki/Q5380386","display_name":"Enterprise information security architecture","level":2,"score":0.36649999022483826},{"id":"https://openalex.org/C180198813","wikidata":"https://www.wikidata.org/wiki/Q121182","display_name":"Information system","level":2,"score":0.3467000126838684},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.34060001373291016},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3375000059604645},{"id":"https://openalex.org/C106131492","wikidata":"https://www.wikidata.org/wiki/Q3072260","display_name":"Filter (signal processing)","level":2,"score":0.3206999897956848},{"id":"https://openalex.org/C48814466","wikidata":"https://www.wikidata.org/wiki/Q1228590","display_name":"Discretionary access control","level":4,"score":0.3098999857902527},{"id":"https://openalex.org/C77290126","wikidata":"https://www.wikidata.org/wiki/Q5283128","display_name":"Distributed System Security Architecture","level":5,"score":0.3010999858379364},{"id":"https://openalex.org/C2778544944","wikidata":"https://www.wikidata.org/wiki/Q1352349","display_name":"Architectural model","level":3,"score":0.27970001101493835},{"id":"https://openalex.org/C29024540","wikidata":"https://www.wikidata.org/wiki/Q1476964","display_name":"Covert channel","level":5,"score":0.2759999930858612},{"id":"https://openalex.org/C2776452267","wikidata":"https://www.wikidata.org/wiki/Q1503443","display_name":"Secrecy","level":2,"score":0.27459999918937683},{"id":"https://openalex.org/C98025372","wikidata":"https://www.wikidata.org/wiki/Q477538","display_name":"Systems architecture","level":3,"score":0.2655999958515167},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.2655999958515167},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2615000009536743},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.25920000672340393},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.257999986410141},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.25060001015663147}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/2829949","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2829949","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2829949?download=true","source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:1409.0309","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1409.0309","pdf_url":"https://arxiv.org/pdf/1409.0309","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:dash.harvard.edu:1/34330168","is_oa":true,"landing_page_url":"http://nrs.harvard.edu/urn-3:HUL.InstRepos:34330168","pdf_url":null,"source":{"id":"https://openalex.org/S4306401540","display_name":"Digital Access to Scholarship at Harvard (DASH) (Harvard University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I136199984","host_organization_name":"Harvard University","host_organization_lineage":["https://openalex.org/I136199984"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal Article"}],"best_oa_location":{"id":"doi:10.1145/2829949","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2829949","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2829949?download=true","source":{"id":"https://openalex.org/S2642811","display_name":"ACM Transactions on Information and System Security","issn_l":"1094-9224","issn":["1094-9224","1557-7406"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Information and System Security","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2924542006","display_name":"CAREER: Practical, Expressive, Language-based Information Security","funder_award_id":"1054172","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320338279","display_name":"Air Force Office of Scientific Research","ror":"https://ror.org/011e9bt93"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2294743843.pdf","grobid_xml":"https://content.openalex.org/works/W2294743843.grobid-xml"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W199389580","https://openalex.org/W306995698","https://openalex.org/W1497744324","https://openalex.org/W1535576056","https://openalex.org/W1600990450","https://openalex.org/W1677369896","https://openalex.org/W1748842448","https://openalex.org/W1824487558","https://openalex.org/W1971304247","https://openalex.org/W1978691365","https://openalex.org/W1988079752","https://openalex.org/W2010173096","https://openalex.org/W2018108160","https://openalex.org/W2029414465","https://openalex.org/W2036463966","https://openalex.org/W2048500751","https://openalex.org/W2069858199","https://openalex.org/W2083355374","https://openalex.org/W2086600700","https://openalex.org/W2098592421","https://openalex.org/W2106226772","https://openalex.org/W2115603783","https://openalex.org/W2116236474","https://openalex.org/W2118198367","https://openalex.org/W2118341398","https://openalex.org/W2120191680","https://openalex.org/W2122049982","https://openalex.org/W2126469755","https://openalex.org/W2130514086","https://openalex.org/W2148736496","https://openalex.org/W2153703803","https://openalex.org/W2156334993","https://openalex.org/W2159897734","https://openalex.org/W2161515940","https://openalex.org/W2164886052","https://openalex.org/W2165078378","https://openalex.org/W2470014699","https://openalex.org/W4212816620"],"related_works":[],"abstract_inverted_index":{"We":[0,34,82],"demonstrate,":[1],"by":[2,41,76,96],"a":[3,26,87,99,119],"number":[4],"of":[5,25,31,39,59,61,71,78,102,110],"examples,":[6],"that":[7,67,118],"information":[8,52,79],"flow":[9],"security":[10,80],"properties":[11,30],"can":[12],"be":[13],"proved":[14],"from":[15],"abstract":[16],"architectural":[17,37,72],"descriptions,":[18],"which":[19],"describe":[20],"only":[21],"the":[22,48,91,103,111],"causal":[23,92],"structure":[24,93],"system":[27,63],"and":[28,74],"local":[29,108],"trusted":[32,112],"components.":[33],"specify":[35],"these":[36],"descriptions":[38],"systems":[40],"generalizing":[42],"intransitive":[43,121],"noninterference":[44,122],"policies":[45],"to":[46,50,116],"admit":[47],"ability":[49],"filter":[51],"passed":[53],"between":[54],"communicating":[55],"domains.":[56],"A":[57],"notion":[58],"refinement":[60],"such":[62],"architectures":[64],"is":[65,94,114,124],"developed":[66],"supports":[68],"top-down":[69],"development":[70],"specifications":[73],"proofs":[75],"abstraction":[77],"properties.":[81],"also":[83],"show":[84],"that,":[85],"in":[86],"concrete":[88],"setting":[89,106],"where":[90],"enforced":[95],"access":[97,104],"control,":[98],"static":[100],"check":[101],"control":[105],"plus":[107],"verification":[109],"components":[113],"sufficient":[115],"prove":[117],"generalized":[120],"policy":[123],"satisfied.":[125]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":4},{"year":2015,"cited_by_count":1}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2016-06-24T00:00:00"}