{"id":"https://openalex.org/W2601860672","doi":"https://doi.org/10.1145/3029806.3029813","title":"Aegis","display_name":"Aegis","publication_year":2017,"publication_date":"2017-03-20","ids":{"openalex":"https://openalex.org/W2601860672","doi":"https://doi.org/10.1145/3029806.3029813","mag":"2601860672"},"language":"en","primary_location":{"id":"doi:10.1145/3029806.3029813","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029813","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071893704","display_name":"Luca Compagna","orcid":"https://orcid.org/0009-0003-1072-4352"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Luca Compagna","raw_affiliation_strings":["SAP Labs France, Mougins, France"],"affiliations":[{"raw_affiliation_string":"SAP Labs France, Mougins, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064443338","display_name":"Daniel Ricardo dos Santos","orcid":"https://orcid.org/0000-0002-7747-260X"},"institutions":[{"id":"https://openalex.org/I2277624104","display_name":"Fondazione Bruno Kessler","ror":"https://ror.org/01j33xk10","country_code":"IT","type":"facility","lineage":["https://openalex.org/I2277624104"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Daniel Ricardo dos Santos","raw_affiliation_strings":["Fondazione Bruno Kessler &amp; SAP Labs France, Trento, Italy"],"affiliations":[{"raw_affiliation_string":"Fondazione Bruno Kessler &amp; SAP Labs France, Trento, Italy","institution_ids":["https://openalex.org/I2277624104"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035492762","display_name":"Serena Elisa Ponta","orcid":"https://orcid.org/0000-0002-6208-4743"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Serena Elisa Ponta","raw_affiliation_strings":["SAP Labs France, Mougins, France"],"affiliations":[{"raw_affiliation_string":"SAP Labs France, Mougins, France","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5047487115","display_name":"Silvio Ranise","orcid":"https://orcid.org/0000-0001-7269-9285"},"institutions":[{"id":"https://openalex.org/I2277624104","display_name":"Fondazione Bruno Kessler","ror":"https://ror.org/01j33xk10","country_code":"IT","type":"facility","lineage":["https://openalex.org/I2277624104"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Silvio Ranise","raw_affiliation_strings":["Fondazione Bruno Kessler, Trento, Italy"],"affiliations":[{"raw_affiliation_string":"Fondazione Bruno Kessler, Trento, Italy","institution_ids":["https://openalex.org/I2277624104"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5071893704"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2462,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.84660214,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"321","last_page":"328"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.7170418500900269},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6996669769287109},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6788556575775146},{"id":"https://openalex.org/keywords/workflow","display_name":"Workflow","score":0.594047486782074},{"id":"https://openalex.org/keywords/separation-of-duties","display_name":"Separation of duties","score":0.5249452590942383},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.4980945587158203},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.48759713768959045},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.48361554741859436},{"id":"https://openalex.org/keywords/business-process","display_name":"Business process","score":0.4259449541568756},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2716577649116516},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.1498863399028778},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.12884387373924255},{"id":"https://openalex.org/keywords/work-in-process","display_name":"Work in process","score":0.08897694945335388}],"concepts":[{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.7170418500900269},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6996669769287109},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6788556575775146},{"id":"https://openalex.org/C177212765","wikidata":"https://www.wikidata.org/wiki/Q627335","display_name":"Workflow","level":2,"score":0.594047486782074},{"id":"https://openalex.org/C100587491","wikidata":"https://www.wikidata.org/wiki/Q1474665","display_name":"Separation of duties","level":4,"score":0.5249452590942383},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.4980945587158203},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.48759713768959045},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.48361554741859436},{"id":"https://openalex.org/C85345410","wikidata":"https://www.wikidata.org/wiki/Q851587","display_name":"Business process","level":3,"score":0.4259449541568756},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2716577649116516},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.1498863399028778},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.12884387373924255},{"id":"https://openalex.org/C174998907","wikidata":"https://www.wikidata.org/wiki/Q357662","display_name":"Work in process","level":2,"score":0.08897694945335388},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3029806.3029813","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3029806.3029813","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:iris.unitn.it:11572/333220","is_oa":false,"landing_page_url":"http://hdl.handle.net/11572/333220","pdf_url":null,"source":{"id":"https://openalex.org/S4377196320","display_name":"Iris (University of Trento)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I193223587","host_organization_name":"University of Trento","host_organization_lineage":["https://openalex.org/I193223587"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1559255981","https://openalex.org/W1845134739","https://openalex.org/W1861561811","https://openalex.org/W1964889053","https://openalex.org/W1975428729","https://openalex.org/W1989617554","https://openalex.org/W1996109622","https://openalex.org/W2016233514","https://openalex.org/W2065317280","https://openalex.org/W2079452443","https://openalex.org/W2091679618","https://openalex.org/W2127456326","https://openalex.org/W2139861604","https://openalex.org/W2167685423","https://openalex.org/W2194917080","https://openalex.org/W2404990348","https://openalex.org/W2408152660","https://openalex.org/W2575458798","https://openalex.org/W4229646213","https://openalex.org/W4230145224","https://openalex.org/W6694164773"],"related_works":["https://openalex.org/W2361825345","https://openalex.org/W2134601432","https://openalex.org/W293625591","https://openalex.org/W2364425805","https://openalex.org/W1989036872","https://openalex.org/W1822413997","https://openalex.org/W2149679626","https://openalex.org/W2152170894","https://openalex.org/W2107243290","https://openalex.org/W3136943026"],"abstract_inverted_index":{"Organizations":[0],"often":[1],"expose":[2],"business":[3,20,90],"processes":[4],"and":[5,28,46,54,70,114],"services":[6],"as":[7,49,51],"web":[8,57],"applications.":[9,58],"Improper":[10],"enforcement":[11,60,108],"of":[12,61,83,88,103,109,112],"security":[13,32,95],"policies":[14,53],"in":[15,56,77],"these":[16,62],"applications":[17],"leads":[18],"to":[19,26,38,43],"logic":[21],"vulnerabilities":[22],"that":[23],"are":[24],"hard":[25],"find":[27],"may":[29],"have":[30],"dramatic":[31],"implications.":[33],"Aegis":[34,85,99],"is":[35,86],"a":[36,101],"tool":[37],"automatically":[39],"synthesize":[40],"run-time":[41],"monitors":[42],"enforce":[44],"control-flow":[45],"data-flow":[47],"integrity,":[48],"well":[50],"authorization":[52,68],"constraints":[55],"The":[59],"properties":[63],"can":[64],"mitigate":[65],"attacks,":[66],"e.g.,":[67,81],"bypass":[69],"workflow":[71],"violations,":[72],"while":[73,92],"allowing":[74],"regulatory":[75],"compliance":[76],"the":[78,94,107],"form":[79],"of,":[80],"Separation":[82],"Duty.":[84],"capable":[87],"guaranteeing":[89],"continuity":[91],"enforcing":[93],"policies.":[96],"We":[97],"evaluate":[98],"on":[100],"set":[102],"real-world":[104],"applications,":[105],"assessing":[106],"policies,":[110],"mitigation":[111],"vulnerabilities,":[113],"performance":[115],"overhead.":[116]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1}],"updated_date":"2026-03-27T14:29:43.386196","created_date":"2017-04-07T00:00:00"}