{"id":"https://openalex.org/W3076546624","doi":"https://doi.org/10.34028/iajit/17/5/14","title":"Advanced Analysis of the Integrity of Access Control Policies: the Specific Case of Databases","display_name":"Advanced Analysis of the Integrity of Access Control Policies: the Specific Case of Databases","publication_year":2020,"publication_date":"2020-08-18","ids":{"openalex":"https://openalex.org/W3076546624","doi":"https://doi.org/10.34028/iajit/17/5/14","mag":"3076546624"},"language":"en","primary_location":{"id":"doi:10.34028/iajit/17/5/14","is_oa":true,"landing_page_url":"http://doi.org/10.34028/iajit/17/5/14","pdf_url":"https://doi.org/10.34028/iajit/17/5/14","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.34028/iajit/17/5/14","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002514441","display_name":"Faouzi Ja\u00efdi","orcid":"https://orcid.org/0000-0001-5893-5296"},"institutions":[{"id":"https://openalex.org/I179097149","display_name":"University of Carthage","ror":"https://ror.org/057x6za15","country_code":"TN","type":"education","lineage":["https://openalex.org/I179097149"]},{"id":"https://openalex.org/I108714496","display_name":"Tunis University","ror":"https://ror.org/02q1spa57","country_code":"TN","type":"education","lineage":["https://openalex.org/I108714496"]}],"countries":["TN"],"is_corresponding":true,"raw_author_name":"Faouzi Jaidi","raw_affiliation_strings":["Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia"],"affiliations":[{"raw_affiliation_string":"Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia","institution_ids":["https://openalex.org/I179097149","https://openalex.org/I108714496"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003589051","display_name":"Faten Labbene Ayachi","orcid":null},"institutions":[{"id":"https://openalex.org/I108714496","display_name":"Tunis University","ror":"https://ror.org/02q1spa57","country_code":"TN","type":"education","lineage":["https://openalex.org/I108714496"]},{"id":"https://openalex.org/I179097149","display_name":"University of Carthage","ror":"https://ror.org/057x6za15","country_code":"TN","type":"education","lineage":["https://openalex.org/I179097149"]}],"countries":["TN"],"is_corresponding":false,"raw_author_name":"Faten Ayachi","raw_affiliation_strings":["Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia"],"affiliations":[{"raw_affiliation_string":"Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia","institution_ids":["https://openalex.org/I179097149","https://openalex.org/I108714496"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5107395150","display_name":"Adel Bouhoula","orcid":null},"institutions":[{"id":"https://openalex.org/I179097149","display_name":"University of Carthage","ror":"https://ror.org/057x6za15","country_code":"TN","type":"education","lineage":["https://openalex.org/I179097149"]},{"id":"https://openalex.org/I108714496","display_name":"Tunis University","ror":"https://ror.org/02q1spa57","country_code":"TN","type":"education","lineage":["https://openalex.org/I108714496"]}],"countries":["TN"],"is_corresponding":false,"raw_author_name":"Adel Bouhoula","raw_affiliation_strings":["Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia"],"affiliations":[{"raw_affiliation_string":"Digital Security Research Lab, Higher School of Communication of Tunis, University of Carthage, Tunisia","institution_ids":["https://openalex.org/I179097149","https://openalex.org/I108714496"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5002514441"],"corresponding_institution_ids":["https://openalex.org/I108714496","https://openalex.org/I179097149"],"apc_list":null,"apc_paid":null,"fwci":0.6976,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.8111506,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"17","issue":"5","first_page":"808","last_page":"815"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.993399977684021,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7613047957420349},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6986068487167358},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6458003520965576},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.592719316482544},{"id":"https://openalex.org/keywords/data-integrity","display_name":"Data integrity","score":0.5595617294311523},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.545650064945221},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.5156377553939819},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.4443243443965912},{"id":"https://openalex.org/keywords/relevance","display_name":"Relevance (law)","score":0.43065541982650757}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7613047957420349},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6986068487167358},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6458003520965576},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.592719316482544},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.5595617294311523},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.545650064945221},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.5156377553939819},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.4443243443965912},{"id":"https://openalex.org/C158154518","wikidata":"https://www.wikidata.org/wiki/Q7310970","display_name":"Relevance (law)","level":2,"score":0.43065541982650757},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.34028/iajit/17/5/14","is_oa":true,"landing_page_url":"http://doi.org/10.34028/iajit/17/5/14","pdf_url":"https://doi.org/10.34028/iajit/17/5/14","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.34028/iajit/17/5/14","is_oa":true,"landing_page_url":"http://doi.org/10.34028/iajit/17/5/14","pdf_url":"https://doi.org/10.34028/iajit/17/5/14","source":{"id":"https://openalex.org/S100666833","display_name":"The International Arab Journal of Information Technology","issn_l":"1683-3198","issn":["1683-3198","2309-4524"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4362726017","host_organization_name":"Zarqa University","host_organization_lineage":["https://openalex.org/P4362726017"],"host_organization_lineage_names":["Zarqa University"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"The International Arab Journal of Information Technology","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5,"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3076546624.pdf","grobid_xml":"https://content.openalex.org/works/W3076546624.grobid-xml"},"referenced_works_count":17,"referenced_works":["https://openalex.org/W1486178352","https://openalex.org/W1512255261","https://openalex.org/W1517275102","https://openalex.org/W1559870885","https://openalex.org/W1963887709","https://openalex.org/W1986989788","https://openalex.org/W2029407716","https://openalex.org/W2070493828","https://openalex.org/W2077410855","https://openalex.org/W2092064278","https://openalex.org/W2124511523","https://openalex.org/W2166602595","https://openalex.org/W2293656887","https://openalex.org/W4248645789","https://openalex.org/W6640927337","https://openalex.org/W6647338524","https://openalex.org/W6684357133"],"related_works":["https://openalex.org/W2148952798","https://openalex.org/W3138978413","https://openalex.org/W2475594486","https://openalex.org/W4386618948","https://openalex.org/W2378809132","https://openalex.org/W14205470","https://openalex.org/W1531159543","https://openalex.org/W2355647610","https://openalex.org/W2358979824","https://openalex.org/W1015545679"],"abstract_inverted_index":{"Databases":[0],"are":[1,22,87],"considered":[2],"as":[3,89],"one":[4],"of":[5,26,40,120,123,178],"the":[6,24,38,68,72,94,118,121,142,145,176],"most":[7,90],"compromised":[8],"assets":[9],"according":[10,100],"to":[11,101,137,174],"2014-2016":[12],"Verizon":[13],"Data":[14],"Breach":[15],"Reports.":[16],"The":[17,59],"reason":[18],"is":[19,43,62],"that":[20],"databases":[21],"at":[23],"heart":[25],"Information":[27],"Systems":[28],"(IS)":[29],"and":[30,46,70,77,83,134,148],"store":[31],"confidential":[32],"business":[33],"or":[34],"private":[35],"records.":[36],"Ensuring":[37],"integrity":[39,69,122],"sensitive":[41],"records":[42],"highly":[44],"required":[45],"even":[47],"vital":[48],"in":[49,74,93,114,161],"critical":[50,78,91],"systems":[51],"(e-health,":[52],"clouds,":[53],"e-government,":[54],"big":[55],"data,":[56],"e-commerce,":[57],"etc.,).":[58],"access":[60,85,124],"control":[61,125],"a":[63,132,154],"key":[64],"mechanism":[65],"for":[66,157],"ensuring":[67],"preserving":[71],"privacy":[73],"large":[75],"scale":[76],"infrastructures.":[79],"Nonetheless,":[80],"excessive,":[81],"unused":[82],"abused":[84],"privileges":[86],"identified":[88],"threats":[92,99],"top":[95],"ten":[96],"database":[97],"security":[98,139,146],"2013-2015":[102],"Imperva":[103],"Application":[104],"Defense":[105],"Center":[106],"reports.":[107],"To":[108],"address":[109],"this":[110,115],"issue,":[111],"we":[112],"focus":[113],"paper":[116],"on":[117,171],"analysis":[119],"policies":[126],"within":[127],"relational":[128],"databases.":[129],"We":[130,152,169],"propose":[131],"rigorous":[133],"complete":[135],"solution":[136],"help":[138],"architects":[140],"verifying":[141],"correspondence":[143],"between":[144],"planning":[147],"its":[149],"concrete":[150,162],"implementation.":[151],"define":[153],"formal":[155],"framework":[156],"detecting":[158],"non-compliance":[159],"anomalies":[160],"Role":[163],"Based":[164],"Access":[165],"Control":[166],"(RBAC)":[167],"policies.":[168],"rely":[170],"an":[172],"example":[173],"illustrate":[175],"relevance":[177],"our":[179],"contribution":[180]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}