{"id":"https://openalex.org/W2125696869","doi":"https://doi.org/10.1145/1135777.1135818","title":"Access control enforcement for conversation-based web services","display_name":"Access control enforcement for conversation-based web services","publication_year":2006,"publication_date":"2006-05-23","ids":{"openalex":"https://openalex.org/W2125696869","doi":"https://doi.org/10.1145/1135777.1135818","mag":"2125696869"},"language":"en","primary_location":{"id":"doi:10.1145/1135777.1135818","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1135777.1135818","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th international conference on World Wide Web","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5068425882","display_name":"Massimo Mecella","orcid":"https://orcid.org/0000-0002-9730-8882"},"institutions":[{"id":"https://openalex.org/I861853513","display_name":"Sapienza University of Rome","ror":"https://ror.org/02be6w209","country_code":"IT","type":"education","lineage":["https://openalex.org/I861853513"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Massimo Mecella","raw_affiliation_strings":["Purdue University, and Universit\u00e0 di Roma \"La Sapienza\", Italy"],"affiliations":[{"raw_affiliation_string":"Purdue University, and Universit\u00e0 di Roma \"La Sapienza\", Italy","institution_ids":["https://openalex.org/I861853513"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026923999","display_name":"Mourad Ouzzani","orcid":"https://orcid.org/0000-0002-4035-3025"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mourad Ouzzani","raw_affiliation_strings":["Purdue University"],"affiliations":[{"raw_affiliation_string":"Purdue University","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083730359","display_name":"Federica Paci","orcid":"https://orcid.org/0000-0003-3122-0236"},"institutions":[{"id":"https://openalex.org/I189158943","display_name":"University of Milan","ror":"https://ror.org/00wjc7c48","country_code":"IT","type":"education","lineage":["https://openalex.org/I189158943"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Federica Paci","raw_affiliation_strings":["Universit\u00e0 degli Studi di Milano, Italy"],"affiliations":[{"raw_affiliation_string":"Universit\u00e0 degli Studi di Milano, Italy","institution_ids":["https://openalex.org/I189158943"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University"],"affiliations":[{"raw_affiliation_string":"Purdue University","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5068425882"],"corresponding_institution_ids":["https://openalex.org/I861853513"],"apc_list":null,"apc_paid":null,"fwci":25.5863,"has_fulltext":false,"cited_by_count":48,"citation_normalized_percentile":{"value":0.99365189,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"257","last_page":"266"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.9883000254631042,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9240999817848206,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.753490686416626},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.6919291019439697},{"id":"https://openalex.org/keywords/conversation","display_name":"Conversation","score":0.5958873629570007},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.5951948165893555},{"id":"https://openalex.org/keywords/ws-policy","display_name":"WS-Policy","score":0.5933195948600769},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5818180441856384},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.512950599193573},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.49642878770828247},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.48216336965560913},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.4574621617794037},{"id":"https://openalex.org/keywords/web-standards","display_name":"Web standards","score":0.4438202977180481},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.43890121579170227},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.4339749217033386},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.41606175899505615},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.38987407088279724},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.16570279002189636}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.753490686416626},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.6919291019439697},{"id":"https://openalex.org/C2777200299","wikidata":"https://www.wikidata.org/wiki/Q52943","display_name":"Conversation","level":2,"score":0.5958873629570007},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.5951948165893555},{"id":"https://openalex.org/C190515685","wikidata":"https://www.wikidata.org/wiki/Q749179","display_name":"WS-Policy","level":5,"score":0.5933195948600769},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5818180441856384},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.512950599193573},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.49642878770828247},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.48216336965560913},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.4574621617794037},{"id":"https://openalex.org/C182321512","wikidata":"https://www.wikidata.org/wiki/Q1153289","display_name":"Web standards","level":3,"score":0.4438202977180481},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.43890121579170227},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.4339749217033386},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.41606175899505615},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.38987407088279724},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.16570279002189636},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":7,"locations":[{"id":"doi:10.1145/1135777.1135818","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1135777.1135818","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th international conference on World Wide Web","raw_type":"proceedings-article"},{"id":"pmh:oai:docs.lib.purdue.edu:ccpubs-1326","is_oa":false,"landing_page_url":"https://docs.lib.purdue.edu/ccpubs/331","pdf_url":null,"source":{"id":"https://openalex.org/S4377196310","display_name":"Purdue e-Pubs (Purdue University System)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2801333002","host_organization_name":"Purdue University System","host_organization_lineage":["https://openalex.org/I2801333002"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Cyber Center Publications","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.153.8328","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.8328","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://portal.acm.org/ft_gateway.cfm?id=1135818&amp;type=pdf&amp;coll=ACM&amp;dl=ACM&amp;CFID=425981&amp;CFTOKEN=90967802","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.158.6142","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.158.6142","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cerias.purdue.edu/ssl/techreports-ssl/2005-79.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.79.8920","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.79.8920","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www2006.org/programme/files/pdf/5061.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.91.1899","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.91.1899","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.purdue.edu/homes/bertino/www-2006.pdf","raw_type":"text"},{"id":"pmh:oai:iris.uniroma1.it:11573/56342","is_oa":false,"landing_page_url":"http://www.scopus.com/inward/record.url?eid=2-s2.0-34250616363&partnerID=65&md5=e56a43033faeff2583c8590ea58a81ca","pdf_url":null,"source":{"id":"https://openalex.org/S4377196107","display_name":"IRIS Research product catalog (Sapienza University of Rome)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5299999713897705}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W180333208","https://openalex.org/W618024573","https://openalex.org/W1488556964","https://openalex.org/W1514557032","https://openalex.org/W1580858050","https://openalex.org/W1755813429","https://openalex.org/W1967494140","https://openalex.org/W2005830997","https://openalex.org/W2025748160","https://openalex.org/W2028940005","https://openalex.org/W2065526162","https://openalex.org/W2084063516","https://openalex.org/W2114917462","https://openalex.org/W2117790608","https://openalex.org/W2118382442","https://openalex.org/W2124325155","https://openalex.org/W2126895723","https://openalex.org/W2140746761","https://openalex.org/W2148996947","https://openalex.org/W2151472800","https://openalex.org/W2615164812","https://openalex.org/W2738444131","https://openalex.org/W4238996902","https://openalex.org/W6637914873","https://openalex.org/W6678658492"],"related_works":["https://openalex.org/W1583761149","https://openalex.org/W3139770152","https://openalex.org/W2989862745","https://openalex.org/W2064213895","https://openalex.org/W2083496135","https://openalex.org/W2073729008","https://openalex.org/W2313216161","https://openalex.org/W1985294818","https://openalex.org/W4313139008","https://openalex.org/W2020457383"],"abstract_inverted_index":{"Service":[0],"Oriented":[1],"Computing":[2],"is":[3,23,62,121],"emerging":[4],"as":[5,77],"the":[6,15,26,55,90,100,106,114,127,132,136,144,150,160],"main":[7],"approach":[8,51,85],"to":[9,68,92,102,104,113,123,135],"build":[10],"distributed":[11],"enterprise":[12],"applications":[13],"on":[14],"Web.":[16],"The":[17],"widespread":[18],"use":[19],"of":[20,28,58,80,108,138,146],"Web":[21,48,59,75,94],"services":[22],"hindered":[24],"by":[25],"lack":[27,137],"adequate":[29],"security":[30,140],"and":[31,99],"privacy":[32],"support.":[33],"In":[34],"this":[35],"paper,":[36],"we":[37],"present":[38],"a":[39,74,78,87,154,167],"novel":[40],"framework":[41],"for":[42,152],"enforcing":[43],"access":[44,69,96,109],"control":[45,70,97,110],"in":[46,63,131],"conversation-based":[47],"services.":[49,60],"Our":[50],"takes":[52],"into":[53],"account":[54],"conversational":[56],"nature":[57],"This":[61,120],"contrast":[64],"with":[65],"existing":[66],"approaches":[67],"enforcement":[71],"that":[72,148,162],"assume":[73],"service":[76],"set":[79],"independent":[81],"operations.":[82],"Furthermore,":[83],"our":[84],"achieves":[86],"tradeoff":[88],"between":[89],"need":[91,101],"protect":[93],"service's":[95],"policies":[98,111],"disclose":[103],"clients":[105],"portion":[107],"related":[112],"conversations":[115,151],"they":[116],"are":[117],"interested":[118],"in.":[119],"important":[122],"avoid":[124],"situations":[125],"where":[126],"client":[128,155],"cannot":[129],"progress":[130],"conversation":[133],"due":[134],"required":[139],"requirements.":[141],"We":[142],"introduce":[143],"concept":[145],"k-trustworthiness":[147],"defines":[149],"which":[153],"can":[156],"provide":[157],"credentials":[158],"maximizing":[159],"likelihood":[161],"it":[163],"will":[164],"eventually":[165],"hit":[166],"final":[168],"state.":[169]},"counts_by_year":[{"year":2018,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}