{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T21:37:29Z","timestamp":1726004249450},"publisher-location":"Cham","reference-count":16,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030061517"},{"type":"electronic","value":"9783030061524"}],"license":[{"start":{"date-parts":[[2018,12,30]],"date-time":"2018-12-30T00:00:00Z","timestamp":1546128000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-06152-4_6","type":"book-chapter","created":{"date-parts":[[2018,12,29]],"date-time":"2018-12-29T19:32:55Z","timestamp":1546111975000},"page":"58-69","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["On the Compliance of Access Control Policies in Web Applications"],"prefix":"10.1007","author":[{"given":"Thanh-Nhan","family":"Luong","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dinh-Hieu","family":"Vo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Van-Khanh","family":"To","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ninh-Thuan","family":"Truong","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,12,30]]},"reference":[{"key":"6_CR1","doi-asserted-by":"crossref","unstructured":"Alalfi, M.H., Cordy, J.R., Dean, T.R.: A verification framework for access control in dynamic web applications. In: Proceedings of the 2nd Canadian Conference on Computer Science and Software Engineering, pp. 109\u2013113. ACM (2009)","DOI":"10.1145\/1557626.1557643"},{"key":"6_CR2","doi-asserted-by":"crossref","unstructured":"Alalfi, M.H., Cordy, J.R., Dean, T.R.: Automated verification of role-based access control security models recovered from dynamic web applications. In: 2012 14th IEEE International Symposium on Web Systems Evolution (WSE), pp. 1\u201310. IEEE (2012)","DOI":"10.1109\/WSE.2012.6320525"},{"key":"6_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-642-31753-8_9","volume-title":"Web Engineering","author":"MH Alalfi","year":"2012","unstructured":"Alalfi, M.H., Cordy, J.R., Dean, T.R.: Recovering role-based access control security models from dynamic web applications. In: Brambilla, M., Tokuda, T., Tolksdorf, R. (eds.) ICWE 2012. LNCS, vol. 7387, pp. 121\u2013136. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31753-8_9"},{"issue":"1","key":"6_CR4","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1016\/j.entcs.2006.01.023","volume":"157","author":"D Castelluccia","year":"2006","unstructured":"Castelluccia, D., Mongiello, M., Ruta, M., Totaro, R.: WAVer: a model checking-based tool to verify web application design. Electron. Notes Theor. Comput. Sci. 157(1), 61\u201376 (2006)","journal-title":"Electron. Notes Theor. Comput. Sci."},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Choi, E.H., Watanabe, H.: Model checking class specifications for web applications. In: 12th Asia-Pacific Software Engineering Conference, APSEC 2005, p. 9. IEEE (2005)","DOI":"10.1109\/APSEC.2005.79"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Di Sciascio, E., Donini, F.M., Mongiello, M., Piscitelli, G.: AnWeb: a system for automatic support to web application verification. In: Proceedings of the 14th International Conference on Software Engineering and Knowledge Engineering, pp. 609\u2013616. ACM (2002)","DOI":"10.1145\/568760.568866"},{"key":"6_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/11531371_12","volume-title":"Web Engineering","author":"E Sciascio Di","year":"2005","unstructured":"Di Sciascio, E., Donini, F.M., Mongiello, M., Totaro, R., Castelluccia, D.: Design verification of web applications using symbolic model checking. In: Lowe, D., Gaedke, M. (eds.) ICWE 2005. LNCS, vol. 3579, pp. 69\u201374. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11531371_12"},{"key":"6_CR8","volume-title":"Role-Based Access Control","author":"D Ferraiolo","year":"2003","unstructured":"Ferraiolo, D., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Norwood (2003)"},{"issue":"3","key":"6_CR9","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1145\/501978.501980","volume":"4","author":"DF Ferraiolo","year":"2001","unstructured":"Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. (TISSEC) 4(3), 224\u2013274 (2001)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"6_CR10","first-page":"222","volume":"3","author":"A Garg","year":"2013","unstructured":"Garg, A., Singh, S.: A review on web application security vulnerabilities. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 3, 222\u2013226 (2013)","journal-title":"Int. J. Adv. Res. Comput. Sci. Softw. Eng."},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Idani, A.: Model driven secure web applications: the SeWAT platform. In: Proceedings of the Fifth European Conference on the Engineering of Computer-Based Systems, p. 3. ACM (2017)","DOI":"10.1145\/3123779.3123800"},{"key":"6_CR12","volume-title":"Software Security Engineering: A Guide for Project Managers","author":"NR Mead","year":"2004","unstructured":"Mead, N.R., Allen, J.H., Barnum, S., Ellison, R.J., McGraw, G.: Software Security Engineering: A Guide for Project Managers. Addison-Wesley Professional, Boston (2004)"},{"key":"6_CR13","unstructured":"Principe, M., Yoon, D.: A web application using MVC framework. In: Proceedings of the International Conference on e-Learning, e-Business, Enterprise Information Systems, and e-Government (EEE), p. 10 (2015)"},{"key":"6_CR14","unstructured":"Rubenstein, S.: Are your medical records at risk? Wall Street J. (2009)"},{"key":"6_CR15","volume-title":"Web Application Architecture","author":"L Shklar","year":"2009","unstructured":"Shklar, L., Rosen, R.: Web Application Architecture. Wiley, Hoboken (2009)"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Touseef, P., Ashraf, M.A., Rafiq, A.: Analysis of risks against web applications in MVC. NFC IEFR J. Eng. Sci. Res. 5 (2017)","DOI":"10.24081\/nijesr.2017.1.0005"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Context-Aware Systems and Applications, and Nature of Computation and Communication"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-06152-4_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,13]],"date-time":"2019-11-13T07:44:15Z","timestamp":1573631055000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-06152-4_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,30]]},"ISBN":["9783030061517","9783030061524"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-06152-4_6","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018,12,30]]},"assertion":[{"value":"ICCASA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Context-Aware Systems and Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Viet Tri City","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Vietnam","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iccasa2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/iccasa.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}