{"id":"https://openalex.org/W2145653610","doi":"https://doi.org/10.1145/1559845.1559875","title":"Cross-tier, label-based security enforcement for web applications","display_name":"Cross-tier, label-based security enforcement for web applications","publication_year":2009,"publication_date":"2009-06-29","ids":{"openalex":"https://openalex.org/W2145653610","doi":"https://doi.org/10.1145/1559845.1559875","mag":"2145653610"},"language":"en","primary_location":{"id":"doi:10.1145/1559845.1559875","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1559845.1559875","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2009 ACM SIGMOD International Conference on Management of data","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025806255","display_name":"Brian J. Corcoran","orcid":null},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Brian J. Corcoran","raw_affiliation_strings":["University of Maryland, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"University of Maryland, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039334115","display_name":"Nikhil Swamy","orcid":"https://orcid.org/0000-0001-5348-9266"},"institutions":[{"id":"https://openalex.org/I1290206253","display_name":"Microsoft (United States)","ror":"https://ror.org/00d0nc645","country_code":"US","type":"company","lineage":["https://openalex.org/I1290206253"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nikhil Swamy","raw_affiliation_strings":["Microsoft Research, Redmond, WA, USA"],"affiliations":[{"raw_affiliation_string":"Microsoft Research, Redmond, WA, USA","institution_ids":["https://openalex.org/I1290206253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046625836","display_name":"Michael Hicks","orcid":"https://orcid.org/0000-0002-2759-9223"},"institutions":[{"id":"https://openalex.org/I66946132","display_name":"University of Maryland, College Park","ror":"https://ror.org/047s2c258","country_code":"US","type":"education","lineage":["https://openalex.org/I66946132"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael Hicks","raw_affiliation_strings":["University of Maryland, College Park, MD, USA"],"affiliations":[{"raw_affiliation_string":"University of Maryland, College Park, MD, USA","institution_ids":["https://openalex.org/I66946132"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5025806255"],"corresponding_institution_ids":["https://openalex.org/I66946132"],"apc_list":null,"apc_paid":null,"fwci":7.2261,"has_fulltext":false,"cited_by_count":62,"citation_normalized_percentile":{"value":0.97088799,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"269","last_page":"282"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8460566997528076},{"id":"https://openalex.org/keywords/syntax","display_name":"Syntax","score":0.6092424392700195},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5227570533752441},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.5178516507148743},{"id":"https://openalex.org/keywords/abstract-syntax-tree","display_name":"Abstract syntax tree","score":0.4973292648792267},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.4736824333667755},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.46788686513900757},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.4069402515888214},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.38450244069099426},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.37647560238838196},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.34202536940574646},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.08723011612892151}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8460566997528076},{"id":"https://openalex.org/C60048249","wikidata":"https://www.wikidata.org/wiki/Q37437","display_name":"Syntax","level":2,"score":0.6092424392700195},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5227570533752441},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.5178516507148743},{"id":"https://openalex.org/C58646249","wikidata":"https://www.wikidata.org/wiki/Q127380","display_name":"Abstract syntax tree","level":3,"score":0.4973292648792267},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4736824333667755},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.46788686513900757},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.4069402515888214},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.38450244069099426},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.37647560238838196},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.34202536940574646},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.08723011612892151},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/1559845.1559875","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1559845.1559875","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2009 ACM SIGMOD International Conference on Management of data","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.153.6086","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6086","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.umd.edu/~bjc/papers/selinks-sigmod2009.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.187.8141","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.187.8141","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.umd.edu/%7Emwh/papers/selinks.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7400000095367432,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W77717277","https://openalex.org/W88084838","https://openalex.org/W97712677","https://openalex.org/W1488890761","https://openalex.org/W1504054062","https://openalex.org/W1507976212","https://openalex.org/W1553136405","https://openalex.org/W1956149048","https://openalex.org/W2033229728","https://openalex.org/W2040234252","https://openalex.org/W2043226436","https://openalex.org/W2075139806","https://openalex.org/W2088675571","https://openalex.org/W2089042876","https://openalex.org/W2094873755","https://openalex.org/W2104152314","https://openalex.org/W2114148371","https://openalex.org/W2116236474","https://openalex.org/W2122049982","https://openalex.org/W2122960384","https://openalex.org/W2124297537","https://openalex.org/W2127279146","https://openalex.org/W2128487827","https://openalex.org/W2134966967","https://openalex.org/W2136327713","https://openalex.org/W2154564703","https://openalex.org/W2157010176","https://openalex.org/W2159078835","https://openalex.org/W2166510103","https://openalex.org/W2171182387","https://openalex.org/W2519486160","https://openalex.org/W6603935504","https://openalex.org/W6636447621","https://openalex.org/W6680131817"],"related_works":["https://openalex.org/W2378105307","https://openalex.org/W2353975670","https://openalex.org/W1625533892","https://openalex.org/W2070761870","https://openalex.org/W2038569176","https://openalex.org/W270927586","https://openalex.org/W1967899974","https://openalex.org/W2118300983","https://openalex.org/W1965694625","https://openalex.org/W4246531319"],"abstract_inverted_index":{"This":[0],"paper":[1],"presents":[2],"SELinks,":[3],"a":[4,16],"programming":[5,18],"language":[6,30],"focused":[7],"on":[8,27],"building":[9],"secure":[10],"multi-tier":[11],"web":[12],"applications.":[13],"SELinks":[14],"provides":[15],"uniform":[17],"model,":[19],"in":[20,37],"the":[21,38,42],"style":[22],"of":[23],"LINQ":[24],"and":[25],"Ruby":[26],"Rails,":[28],"with":[29],"syntax":[31],"for":[32],"accessing":[33],"objects":[34],"residing":[35],"either":[36],"database":[39],"or":[40],"at":[41],"server.":[43],"Object-level":[44],"security":[45,59],"policies":[46],"are":[47],"expressed":[48],"as":[49],"fully-customizable,":[50],"first-class":[51],"labels":[52],"which":[53],"may":[54],"themselves":[55],"be":[56],"subject":[57],"to":[58,62],"policies.":[60],"Access":[61],"labeled":[63],"data":[64],"is":[65],"mediated":[66],"via":[67],"trusted,":[68],"user-provided":[69],"policy":[70],"enforcement":[71],"functions.":[72]},"counts_by_year":[{"year":2023,"cited_by_count":4},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":6},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":13},{"year":2013,"cited_by_count":4},{"year":2012,"cited_by_count":5}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}