{"id":"https://openalex.org/W4396242236","doi":"https://doi.org/10.1145/3649835","title":"Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization","display_name":"Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization","publication_year":2024,"publication_date":"2024-04-29","ids":{"openalex":"https://openalex.org/W4396242236","doi":"https://doi.org/10.1145/3649835"},"language":"en","primary_location":{"id":"doi:10.1145/3649835","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3649835","pdf_url":null,"source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1145/3649835","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071383842","display_name":"Joseph W. Cutler","orcid":"https://orcid.org/0000-0001-9399-9308"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]},{"id":"https://openalex.org/I922845939","display_name":"Philadelphia University","ror":"https://ror.org/03zzmyz63","country_code":"US","type":"education","lineage":["https://openalex.org/I922845939"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joseph W. Cutler","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, USA"],"raw_orcid":"https://orcid.org/0000-0001-9399-9308","affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, USA","institution_ids":["https://openalex.org/I922845939","https://openalex.org/I79576946"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055403961","display_name":"Craig Disselkoen","orcid":"https://orcid.org/0000-0003-4358-2963"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Craig Disselkoen","raw_affiliation_strings":["Amazon Web Services, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0003-4358-2963","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011732057","display_name":"Aaron Eline","orcid":"https://orcid.org/0000-0002-9105-4922"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Aaron Eline","raw_affiliation_strings":["Amazon Web Services, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0002-9105-4922","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103183170","display_name":"Shaobo He","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shaobo He","raw_affiliation_strings":["Amazon Web Services, Santa Clara, USA"],"raw_orcid":"https://orcid.org/0000-0002-9899-6226","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Santa Clara, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040567153","display_name":"Kyle Headley","orcid":"https://orcid.org/0000-0002-4880-4150"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kyle Headley","raw_affiliation_strings":["Unaffiliated, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0002-4880-4150","affiliations":[{"raw_affiliation_string":"Unaffiliated, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046625836","display_name":"Michael Hicks","orcid":"https://orcid.org/0000-0002-2759-9223"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Michael Hicks","raw_affiliation_strings":["Amazon Web Services, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0002-2759-9223","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002449883","display_name":"Kesha Hietala","orcid":"https://orcid.org/0000-0002-2724-0974"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kesha Hietala","raw_affiliation_strings":["Amazon Web Services, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0002-2724-0974","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101978591","display_name":"Eleftherios Ioannidis","orcid":"https://orcid.org/0000-0003-2749-797X"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]},{"id":"https://openalex.org/I922845939","display_name":"Philadelphia University","ror":"https://ror.org/03zzmyz63","country_code":"US","type":"education","lineage":["https://openalex.org/I922845939"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Eleftherios Ioannidis","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, USA"],"raw_orcid":"https://orcid.org/0000-0003-2749-797X","affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, USA","institution_ids":["https://openalex.org/I922845939","https://openalex.org/I79576946"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019712655","display_name":"John Kastner","orcid":"https://orcid.org/0000-0002-1273-5990"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"John Kastner","raw_affiliation_strings":["Amazon Web Services, Arlington, USA"],"raw_orcid":"https://orcid.org/0000-0002-1273-5990","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Arlington, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Anwar Mamat","orcid":"https://orcid.org/0009-0007-1184-7206"},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anwar Mamat","raw_affiliation_strings":["University of Maryland, College Park, USA"],"raw_orcid":"https://orcid.org/0009-0007-1184-7206","affiliations":[{"raw_affiliation_string":"University of Maryland, College Park, USA","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5094105820","display_name":"Darin McAdams","orcid":"https://orcid.org/0009-0002-4005-1817"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Darin McAdams","raw_affiliation_strings":["Amazon Web Services, Seattle, USA"],"raw_orcid":"https://orcid.org/0009-0002-4005-1817","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Seattle, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066642904","display_name":"Matt McCutchen","orcid":"https://orcid.org/0000-0003-4814-5148"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Matt McCutchen","raw_affiliation_strings":["Unaffiliated, Rockville, USA"],"raw_orcid":"https://orcid.org/0000-0003-4814-5148","affiliations":[{"raw_affiliation_string":"Unaffiliated, Rockville, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047763549","display_name":"Neha Rungta","orcid":"https://orcid.org/0000-0001-5143-8940"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Neha Rungta","raw_affiliation_strings":["Amazon Web Services, Seattle, USA"],"raw_orcid":"https://orcid.org/0000-0001-5143-8940","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Seattle, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088791029","display_name":"Emina Torlak","orcid":"https://orcid.org/0000-0002-1155-2711"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Emina Torlak","raw_affiliation_strings":["Amazon Web Services, Seattle, USA"],"raw_orcid":"https://orcid.org/0000-0002-1155-2711","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Seattle, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5062808161","display_name":"Andrew M. Wells","orcid":"https://orcid.org/0000-0001-7780-2122"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andrew M. Wells","raw_affiliation_strings":["Amazon Web Services, Santa Clara, USA"],"raw_orcid":"https://orcid.org/0000-0001-7780-2122","affiliations":[{"raw_affiliation_string":"Amazon Web Services, Santa Clara, USA","institution_ids":["https://openalex.org/I1311688040"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":15,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":14.808,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.98822486,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"8","issue":"OOPSLA1","first_page":"670","last_page":"697"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9937999844551086,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7465097904205322},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5956684947013855},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.5290737748146057},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.23511338233947754}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7465097904205322},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5956684947013855},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.5290737748146057},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23511338233947754}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3649835","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3649835","pdf_url":null,"source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3649835","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3649835","pdf_url":null,"source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.4300000071525574,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W109452506","https://openalex.org/W1486178352","https://openalex.org/W1541185175","https://openalex.org/W1837588081","https://openalex.org/W1969965298","https://openalex.org/W1976924726","https://openalex.org/W2038677544","https://openalex.org/W2043144080","https://openalex.org/W2063990300","https://openalex.org/W2064070192","https://openalex.org/W2081973669","https://openalex.org/W2087834864","https://openalex.org/W2124260419","https://openalex.org/W2125126351","https://openalex.org/W2132934597","https://openalex.org/W2168884369","https://openalex.org/W2523884720","https://openalex.org/W2736067960","https://openalex.org/W2908957302","https://openalex.org/W2911282308","https://openalex.org/W3178506813","https://openalex.org/W4205913186","https://openalex.org/W4223972987","https://openalex.org/W4225922019","https://openalex.org/W4238083723","https://openalex.org/W4247999361","https://openalex.org/W4313549859","https://openalex.org/W4380730811","https://openalex.org/W4384154579"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W2382290278","https://openalex.org/W4395014643","https://openalex.org/W4391913857","https://openalex.org/W2350741829"],"abstract_inverted_index":{"Cedar":[0,30,130,151,159,171],"is":[1],"a":[2,100,117],"new":[3],"authorization":[4,18,47],"policy":[5,64,74,81,109],"language":[6],"designed":[7],"to":[8,36,69,79,97,112,141,160],"be":[9,70],"ergonomic,":[10],"fast,":[11],"safe,":[12],"and":[13,32,42,58,102,136,154,165],"analyzable.":[14],"Rather":[15],"than":[16],"embed":[17],"logic":[19,28],"in":[20,88,131,152],"an":[21],"application\u2019s":[22],"code,":[23],"developers":[24],"can":[25],"write":[26],"that":[27,114,170],"as":[29],"policies":[31],"delegate":[33],"access":[34,60,67],"decisions":[35],"Cedar\u2019s":[37,40,63,73,91,146],"evaluation":[38],"engine.":[39],"simple":[41],"intuitive":[43],"syntax":[44],"supports":[45],"common":[46],"use-cases":[48],"with":[49],"readable":[50,176],"policies,":[51,120,177],"naturally":[52],"leveraging":[53],"concepts":[54],"from":[55],"role-based,":[56],"attribute-based,":[57],"relation-based":[59],"control":[61],"models.":[62],"structure":[65],"enables":[66,107],"requests":[68],"decided":[71],"quickly.":[72],"validator":[75],"leverages":[76],"optional":[77],"typing":[78],"help":[80],"writers":[82],"avoid":[83],"mistakes,":[84],"but":[85,178],"not":[86,125],"get":[87],"their":[89],"way.":[90],"design":[92],"has":[93,172],"been":[94],"finely":[95],"balanced":[96],"allow":[98],"for":[99],"sound":[101],"complete":[103],"logical":[104],"encoding,":[105],"which":[106],"precise":[108],"analysis,":[110],"e.g.,":[111],"ensure":[113],"when":[115],"refactoring":[116],"set":[118],"of":[119,145],"the":[121,132],"authorized":[122],"permissions":[123],"do":[124],"change.":[126],"We":[127,148],"have":[128,149],"modeled":[129],"Lean":[133],"programming":[134],"language,":[135],"used":[137],"Lean\u2019s":[138],"proof":[139],"assistant":[140],"prove":[142],"important":[143],"properties":[144],"design.":[147],"implemented":[150],"Rust,":[153],"released":[155],"it":[156],"open-source.":[157],"Comparing":[158],"two":[161],"open-source":[162],"languages,":[163],"OpenFGA":[164],"Rego,":[166],"we":[167],"find":[168],"(subjectively)":[169],"equally":[173],"or":[174],"more":[175],"(objectively)":[179],"performs":[180],"far":[181],"better.":[182]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":11},{"year":2024,"cited_by_count":1}],"updated_date":"2026-06-12T08:23:45.883708","created_date":"2025-10-10T00:00:00"}