{"id":"https://openalex.org/W2806746959","doi":"https://doi.org/10.1145/3205977.3208950","title":"Towards Greater Expressiveness, Flexibility, and Uniformity in Access Control","display_name":"Towards Greater Expressiveness, Flexibility, and Uniformity in Access Control","publication_year":2018,"publication_date":"2018-06-07","ids":{"openalex":"https://openalex.org/W2806746959","doi":"https://doi.org/10.1145/3205977.3208950","mag":"2806746959"},"language":"en","primary_location":{"id":"doi:10.1145/3205977.3208950","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3205977.3208950","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101567999","display_name":"Jiaming Jiang","orcid":"https://orcid.org/0000-0003-2458-2327"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Jiaming Jiang","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078910758","display_name":"Rada Chirkova","orcid":"https://orcid.org/0000-0003-4249-9690"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rada Chirkova","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044856770","display_name":"Jon Doyle","orcid":"https://orcid.org/0000-0002-5553-3790"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jon Doyle","raw_affiliation_strings":["North Carolina State University, Raleigh, NC, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, NC, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5032376111","display_name":"Arnon Rosenthal","orcid":"https://orcid.org/0000-0001-8421-8004"},"institutions":[{"id":"https://openalex.org/I44896327","display_name":"Mitre (United States)","ror":"https://ror.org/03ks2a131","country_code":"US","type":"company","lineage":["https://openalex.org/I44896327"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Arnon Rosenthal","raw_affiliation_strings":["The MITRE Corporation, Bedford, MA, USA"],"affiliations":[{"raw_affiliation_string":"The MITRE Corporation, Bedford, MA, USA","institution_ids":["https://openalex.org/I44896327"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5101567999"],"corresponding_institution_ids":["https://openalex.org/I137902535"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.0880791,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"217","last_page":"219"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8372189998626709},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6099947690963745},{"id":"https://openalex.org/keywords/maintainability","display_name":"Maintainability","score":0.5675181150436401},{"id":"https://openalex.org/keywords/readability","display_name":"Readability","score":0.5616888999938965},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.4963553547859192},{"id":"https://openalex.org/keywords/consistency","display_name":"Consistency (knowledge bases)","score":0.4712938368320465},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.42416298389434814},{"id":"https://openalex.org/keywords/formalism","display_name":"Formalism (music)","score":0.4229547381401062},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.31725871562957764},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2545248866081238},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.22693032026290894},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.1919046938419342}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8372189998626709},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6099947690963745},{"id":"https://openalex.org/C160713754","wikidata":"https://www.wikidata.org/wiki/Q1389965","display_name":"Maintainability","level":2,"score":0.5675181150436401},{"id":"https://openalex.org/C2778143727","wikidata":"https://www.wikidata.org/wiki/Q1820650","display_name":"Readability","level":2,"score":0.5616888999938965},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.4963553547859192},{"id":"https://openalex.org/C2776436953","wikidata":"https://www.wikidata.org/wiki/Q5163215","display_name":"Consistency (knowledge bases)","level":2,"score":0.4712938368320465},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.42416298389434814},{"id":"https://openalex.org/C73301696","wikidata":"https://www.wikidata.org/wiki/Q5469984","display_name":"Formalism (music)","level":3,"score":0.4229547381401062},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.31725871562957764},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2545248866081238},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.22693032026290894},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.1919046938419342},{"id":"https://openalex.org/C558565934","wikidata":"https://www.wikidata.org/wiki/Q2743","display_name":"Musical","level":2,"score":0.0},{"id":"https://openalex.org/C153349607","wikidata":"https://www.wikidata.org/wiki/Q36649","display_name":"Visual arts","level":1,"score":0.0},{"id":"https://openalex.org/C142362112","wikidata":"https://www.wikidata.org/wiki/Q735","display_name":"Art","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3205977.3208950","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3205977.3208950","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5199999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1015545679","https://openalex.org/W1577783107","https://openalex.org/W1577867985","https://openalex.org/W1968242674","https://openalex.org/W2069728203","https://openalex.org/W2097171586","https://openalex.org/W2106669382","https://openalex.org/W2113448398","https://openalex.org/W2124228505","https://openalex.org/W2138001464","https://openalex.org/W2140730933","https://openalex.org/W2146707214","https://openalex.org/W2566006170","https://openalex.org/W2732613530","https://openalex.org/W2749040653"],"related_works":["https://openalex.org/W1964661231","https://openalex.org/W3110264473","https://openalex.org/W4254960163","https://openalex.org/W2032810564","https://openalex.org/W2370831213","https://openalex.org/W2972807713","https://openalex.org/W4315704968","https://openalex.org/W2100255360","https://openalex.org/W2107506952","https://openalex.org/W3135287016"],"abstract_inverted_index":{"Attribute-based":[0],"access":[1,7,14,263],"control":[2,8,15,264],"(ABAC)":[3],"is":[4,67],"a":[5,71,80,158,196,278],"general":[6],"model":[9,200],"that":[10,95,97,132,161,171],"subsumes":[11],"numerous":[12,284],"earlier":[13],"models.":[16],"Its":[17],"increasing":[18],"popularity":[19],"stems":[20],"from":[21],"the":[22,43,98,151,185,215],"intuitive":[23],"generic":[24],"structure":[25,78,153],"of":[26,35,58,63,82,86,88,92,103,136,154,184,195,204,206,258],"granting":[27],"permissions":[28],"based":[29],"on":[30,220],"application":[31,221],"and":[32,39,47,90,105,122,138,167,170,208,218,222,246,268,287],"domain":[33,223],"attributes":[34,181,237],"users,":[36],"subjects,":[37],"objects,":[38],"other":[40],"entities":[41,207],"in":[42,56,79,130,157,176,182,213,233],"system.":[44],"Multiple":[45],"formal":[46,285],"informal":[48],"languages":[49,66,175,275],"have":[50],"been":[51],"developed":[52],"to":[53,107,144,190,238],"express":[54],"policies":[55],"terms":[57,183],"such":[59],"attributes.":[60,224],"The":[61,76,112],"utility":[62],"ABAC":[64,83,155,192],"policy":[65,174,243],"potentially":[68,116,230],"undermined":[69],"without":[70],"properly":[72],"formalized":[73],"underlying":[74],"model.":[75,187],"high-level":[77,152],"majority":[81],"models":[84,131,156],"consists":[85],"sets":[87,91,104],"tokens":[89,106],"sets,":[93],"expressions":[94],"demand":[96],"reader":[99],"unpack":[100],"multiple":[101],"levels":[102],"determine":[108],"what":[109],"things":[110],"mean.":[111],"resulting":[113],"reduced":[114],"readability":[115],"endangers":[117],"correct":[118],"expression,":[119],"reduces":[120],"maintainability,":[121],"impedes":[123],"validation.":[124],"These":[125],"problems":[126,148],"could":[127],"be":[128],"magnified":[129,147],"employ":[133],"nonuniform":[134],"representations":[135],"actions":[137,164],"their":[139,180,271],"governing":[140,272],"policies.":[141,273],"We":[142],"propose":[143],"avoid":[145],"these":[146],"by":[149,178,250,283],"recasting":[150],"logical":[159,197,226],"formalism":[160],"treats":[162],"all":[163],"(by":[165],"users":[166],"others)":[168],"uniformly":[169],"keeps":[172],"existing":[173,191],"place":[177],"interpreting":[179],"restructured":[186],"In":[188],"comparison":[189],"models,":[193],"use":[194],"language":[198,228],"for":[199,254],"formalization,":[201],"including":[202],"hierarchies":[203],"types":[205,257],"attributes,":[209],"promises":[210],"improved":[211,249],"expressiveness":[212],"specifying":[214],"relationships":[216,235],"between":[217],"requirements":[219],"A":[225],"modeling":[227],"also":[229,276],"improves":[231],"flexibility":[232],"representing":[234,255],"as":[236,261],"support":[239],"some":[240],"widely":[241],"used":[242],"languages.":[244],"Consistency":[245],"intelligibility":[247],"are":[248],"using":[251],"uniform":[252],"means":[253],"different":[256],"controlled":[259],"actions---such":[260],"regular":[262],"actions,":[265,267],"administrative":[266],"user":[269],"logins---and":[270],"Logical":[274],"provide":[277],"well-defined":[279],"denotational":[280],"semantics":[281],"supported":[282],"inference":[286],"verification":[288],"tools.":[289]},"counts_by_year":[{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}