{"id":"https://openalex.org/W1573773559","doi":"https://doi.org/10.1145/2854065.2854079","title":"A verified algorithm for detecting conflicts in XACML access control rules","display_name":"A verified algorithm for detecting conflicts in XACML access control rules","publication_year":2016,"publication_date":"2016-01-12","ids":{"openalex":"https://openalex.org/W1573773559","doi":"https://doi.org/10.1145/2854065.2854079","mag":"1573773559"},"language":"en","primary_location":{"id":"doi:10.1145/2854065.2854079","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2854065.2854079","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM SIGPLAN Conference on Certified Programs and Proofs","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.20381/ruor-5150","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073262847","display_name":"Michel St-Martin","orcid":null},"institutions":[{"id":"https://openalex.org/I153718931","display_name":"University of Ottawa","ror":"https://ror.org/03c4mmv16","country_code":"CA","type":"education","lineage":["https://openalex.org/I153718931"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Michel St-Martin","raw_affiliation_strings":["University of Ottawa, Canada"],"affiliations":[{"raw_affiliation_string":"University of Ottawa, Canada","institution_ids":["https://openalex.org/I153718931"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5090020170","display_name":"Amy Felty","orcid":"https://orcid.org/0000-0001-7195-2613"},"institutions":[{"id":"https://openalex.org/I153718931","display_name":"University of Ottawa","ror":"https://ror.org/03c4mmv16","country_code":"CA","type":"education","lineage":["https://openalex.org/I153718931"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Amy P. Felty","raw_affiliation_strings":["University of Ottawa, Canada"],"affiliations":[{"raw_affiliation_string":"University of Ottawa, Canada","institution_ids":["https://openalex.org/I153718931"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5073262847"],"corresponding_institution_ids":["https://openalex.org/I153718931"],"apc_list":null,"apc_paid":null,"fwci":13.5268,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.98190904,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"166","last_page":"175"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9904999732971191,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/xacml","display_name":"XACML","score":0.9711536169052124},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8095722198486328},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.743232250213623},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.7357687950134277},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5264131426811218},{"id":"https://openalex.org/keywords/debugging","display_name":"Debugging","score":0.5087562203407288},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.47757747769355774},{"id":"https://openalex.org/keywords/markup-language","display_name":"Markup language","score":0.4607703387737274},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39833903312683105},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3981662392616272},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3658614754676819},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.36162692308425903},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.26869043707847595},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.23759371042251587},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.19485199451446533}],"concepts":[{"id":"https://openalex.org/C2779886121","wikidata":"https://www.wikidata.org/wiki/Q288682","display_name":"XACML","level":3,"score":0.9711536169052124},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8095722198486328},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.743232250213623},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.7357687950134277},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5264131426811218},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.5087562203407288},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.47757747769355774},{"id":"https://openalex.org/C45874996","wikidata":"https://www.wikidata.org/wiki/Q37045","display_name":"Markup language","level":3,"score":0.4607703387737274},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39833903312683105},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3981662392616272},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3658614754676819},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.36162692308425903},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.26869043707847595},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.23759371042251587},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.19485199451446533}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/2854065.2854079","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2854065.2854079","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 5th ACM SIGPLAN Conference on Certified Programs and Proofs","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.697.8355","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.697.8355","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.site.uottawa.ca/%7Eafelty/dist/arsec13.pdf","raw_type":"text"},{"id":"pmh:oai:collectionscanada.gc.ca:OOU./en#10393/20539","is_oa":false,"landing_page_url":"http://hdl.handle.net/10393/20539","pdf_url":null,"source":{"id":"https://openalex.org/S4306402307","display_name":"Library and Archives Canada (Government of Canada)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2802286613","host_organization_name":"Government of Canada","host_organization_lineage":["https://openalex.org/I2802286613"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Th\u00c3\u00a8se / Thesis"},{"id":"doi:10.20381/ruor-5150","is_oa":true,"landing_page_url":"https://doi.org/10.20381/ruor-5150","pdf_url":null,"source":{"id":"https://openalex.org/S7407053184","display_name":"University of Ottawa - Library","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article-journal"}],"best_oa_location":{"id":"doi:10.20381/ruor-5150","is_oa":true,"landing_page_url":"https://doi.org/10.20381/ruor-5150","pdf_url":null,"source":{"id":"https://openalex.org/S7407053184","display_name":"University of Ottawa - Library","issn_l":null,"issn":[],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article-journal"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https://openalex.org/W69024957","https://openalex.org/W186851202","https://openalex.org/W1508641834","https://openalex.org/W1553511155","https://openalex.org/W1560253649","https://openalex.org/W1573773559","https://openalex.org/W1844068232","https://openalex.org/W2064070192","https://openalex.org/W2069728203","https://openalex.org/W2107806048","https://openalex.org/W2130669223","https://openalex.org/W2140147968","https://openalex.org/W2146356111","https://openalex.org/W2151290962","https://openalex.org/W2152985099","https://openalex.org/W2163218676","https://openalex.org/W2167122335","https://openalex.org/W2168884369","https://openalex.org/W2170134401","https://openalex.org/W4239223340"],"related_works":["https://openalex.org/W2298494124","https://openalex.org/W2125405387","https://openalex.org/W2351416088","https://openalex.org/W2049536973","https://openalex.org/W1993102289","https://openalex.org/W130718849","https://openalex.org/W2120588644","https://openalex.org/W2896439152","https://openalex.org/W2981186629","https://openalex.org/W2121163399"],"abstract_inverted_index":{"We":[0,174,193],"describe":[1],"the":[2,109,116,153,163,172,184,190,202],"formalization":[3],"of":[4,105,111,150,197],"a":[5,9,22,59,65,112,120,195],"correctness":[6],"proof":[7],"for":[8,13,40],"conflict":[10,56],"detection":[11],"algorithm":[12,114,177,191],"XACML":[14,20,134],"(eXtensible":[15],"Access":[16],"Control":[17],"Markup":[18],"Language).":[19],"is":[21,30,38,100,124],"standardized":[23],"declarative":[24],"access":[25,83,92],"control":[26],"policy":[27,60],"language":[28],"that":[29,70],"increasingly":[31],"used":[32],"in":[33,58,119],"industry.":[34],"In":[35,126],"practice":[36],"it":[37],"common":[39],"rule":[41,63],"sets":[42],"to":[43,52,77,84,93,146,171,178,188,199],"grow":[44],"large,":[45],"and":[46,67,108,139,158,166,181],"contain":[47],"unintended":[48],"errors,":[49],"often":[50],"due":[51],"conflicting":[53],"rules.":[54],"A":[55],"occurs":[57],"when":[61],"one":[62],"permits":[64],"request":[66],"another":[68],"denies":[69],"same":[71],"request.":[72],"Such":[73],"errors":[74],"can":[75],"lead":[76],"serious":[78],"risks":[79],"involving":[80],"both":[81],"allowing":[82],"an":[85,102,176],"unauthorized":[86],"user":[87],"as":[88,90,142,144],"well":[89,143],"denying":[91],"someone":[94],"who":[95],"needs":[96],"it.":[97],"Removing":[98],"conflicts":[99,180],"thus":[101],"important":[103],"aspect":[104],"debugging":[106],"policies,":[107],"use":[110,183],"verified":[113],"provides":[115],"highest":[117],"assurance":[118],"domain":[121],"where":[122],"security":[123],"important.":[125],"this":[127],"paper,":[128],"we":[129],"focus":[130],"on":[131],"several":[132],"complex":[133],"constructs,":[135],"including":[136],"time":[137],"ranges":[138],"integer":[140],"intervals,":[141],"ways":[145],"combine":[147],"any":[148],"number":[149],"functions":[151],"using":[152],"boolean":[154],"operators":[155],"and,":[156],"or,":[157],"not.":[159],"The":[160],"latter":[161],"are":[162],"most":[164],"complex,":[165],"add":[167],"significant":[168],"expressive":[169],"power":[170],"language.":[173],"propose":[175],"find":[179],"then":[182],"Coq":[185],"Proof":[186],"Assistant":[187],"prove":[189],"correct.":[192],"develop":[194],"library":[196],"tactics":[198],"help":[200],"automate":[201],"proof.":[203]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":4},{"year":2014,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}