{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,1]],"date-time":"2026-05-01T10:42:29Z","timestamp":1777632149539,"version":"3.51.4"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783031020667","type":"print"},{"value":"9783031020674","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-02067-4_9","type":"book-chapter","created":{"date-parts":[[2022,4,8]],"date-time":"2022-04-08T05:10:25Z","timestamp":1649394625000},"page":"137-152","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Policy Modeling and\u00a0Anomaly Detection in\u00a0ABAC Policies"],"prefix":"10.1007","author":[{"given":"Maryam","family":"Davari","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohammad","family":"Zulkernine","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,4,9]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E.S., Hamed, H.H.: Discovery of policy anomalies in distributed firewalls. In: IEEE Infocom 2004, vol. 4, pp. 2605\u20132616. IEEE (2004)","DOI":"10.1109\/INFCOM.2004.1354680"},{"issue":"2","key":"9_CR2","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/s10207-007-0045-7","volume":"7","author":"JG Alfaro","year":"2008","unstructured":"Alfaro, J.G., Boulahia-Cuppens, N., Cuppens, F.: Complete analysis of configuration rules to guarantee reliable network security policies. Int. J. Inf. Secur. 7(2), 103\u2013122 (2008)","journal-title":"Int. J. Inf. Secur."},{"key":"9_CR3","unstructured":"Anderson, A., et al.: Extensible access control markup language (XACML) version 1.0. OASIS (2003)"},{"key":"9_CR4","unstructured":"Bandara, A., Calo, S., Lobo, J., Lupu, E., Russo, A., Sloman, M.: Toward a formal characterization of policy specification & analysis. In: Annual Conference of ITA (ACITA), University of Maryland, USA. Citeseer (2007)"},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Bhatt, S., Patwa, F., Sandhu, R.: ABAC with group attributes and attribute hierarchies utilizing the policy machine. In: Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, pp. 17\u201328 (2017)","DOI":"10.1145\/3041048.3041053"},{"key":"9_CR6","doi-asserted-by":"crossref","unstructured":"Capretta, V., Stepien, B., Felty, A., Matwin, S.: Formal correctness of conflict detection for firewalls. In: Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering, pp. 22\u201330 (2007)","DOI":"10.1145\/1314436.1314440"},{"key":"9_CR7","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1016\/j.entcs.2007.01.064","volume":"186","author":"F Cuppens","year":"2007","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High level conflict management strategies in advanced access control models. Electron. Notes Theoret. Comput. Sci. 186, 3\u201326 (2007)","journal-title":"Electron. Notes Theoret. Comput. Sci."},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Davy, S., Jennings, B., Strassner, J.: Efficient policy conflict analysis for autonomic network management. In: Fifth IEEE Workshop on Engineering of Autonomic and Autonomous Systems (ease 2008), pp. 16\u201324. IEEE (2008)","DOI":"10.1109\/EASe.2008.8"},{"issue":"4","key":"9_CR9","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1109\/C-M.1978.218136","volume":"11","author":"RA DeMillo","year":"1978","unstructured":"DeMillo, R.A., Lipton, R.J., Sayward, F.G.: Hints on test data selection: help for the practicing programmer. Computer 11(4), 34\u201341 (1978)","journal-title":"Computer"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"El Hadj, M.A., Ayache, M., Benkaouz, Y., Khoumsi, A., Erradi, M.: Clustering-based approach for anomaly detection in XACML policies. In: SECRYPT, pp. 548\u2013553 (2017)","DOI":"10.5220\/0006471205480553"},{"issue":"16","key":"9_CR11","first-page":"e3","volume":"5","author":"MA El Hadj","year":"2018","unstructured":"El Hadj, M.A., Khoumsi, A., Benkaouz, Y., Erradi, M.: Formal approach to detect and resolve anomalies while clustering ABAC policies. EAI Endorsed Trans. Secur. Saf. 5(16), e3 (2018)","journal-title":"EAI Endorsed Trans. Secur. Saf."},{"key":"9_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-642-19348-4_15","volume-title":"Data Privacy Management and Autonomous Spontaneous Security","author":"J Garcia-Alfaro","year":"2011","unstructured":"Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Preda, S.: MIRAGE: a management tool for the analysis and deployment of network security policies. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds.) DPM\/SETOP -2010. LNCS, vol. 6514, pp. 203\u2013215. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19348-4_15"},{"key":"9_CR13","doi-asserted-by":"crossref","unstructured":"Hu, H., Ahn, G.J., Kulkarni, K.: Fame: a firewall anomaly management environment. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp. 17\u201326 (2010)","DOI":"10.1145\/1866898.1866902"},{"issue":"6","key":"9_CR14","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1109\/TDSC.2013.18","volume":"10","author":"H Hu","year":"2013","unstructured":"Hu, H., Ahn, G.J., Kulkarni, K.: Discovery and resolution of anomalies in web access control policies. IEEE Trans. Dependable Secure Comput. 10(6), 341\u2013354 (2013)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"162","key":"9_CR15","first-page":"1","volume":"800","author":"VC Hu","year":"2013","unstructured":"Hu, V.C., et al.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Spec. Publ. 800(162), 1\u201354 (2013)","journal-title":"NIST Spec. Publ."},{"issue":"6","key":"9_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3295749","volume":"51","author":"AA Jabal","year":"2019","unstructured":"Jabal, A.A., Davari, M., Bertino, E., Makaya, C., Calo, S., Verma, D., Russo, A., Williams, C.: Methods and tools for policy analysis. ACM Comput. Surv. (CSUR) 51(6), 1\u201335 (2019)","journal-title":"ACM Comput. Surv. (CSUR)"},{"issue":"6","key":"9_CR17","doi-asserted-by":"publisher","first-page":"1914","DOI":"10.1109\/TSC.2019.2900641","volume":"14","author":"AA Jabal","year":"2019","unstructured":"Jabal, A.A., et al.: Profact: a provenance-based analytics framework for access control policies. IEEE Trans. Serv. Comput. 14(6), 1914\u20131928 (2019)","journal-title":"IEEE Trans. Serv. Comput."},{"issue":"2","key":"9_CR18","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1145\/505145.505149","volume":"11","author":"D Jackson","year":"2002","unstructured":"Jackson, D.: Alloy: a lightweight object modelling notation. ACM Trans. Softw. Eng. Methodol. (TOSEM) 11(2), 256\u2013290 (2002)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"key":"9_CR19","doi-asserted-by":"crossref","unstructured":"Kolovski, V., Hendler, J., Parsia, B.: Analyzing web access control policies. In: Proceedings of the 16th International Conference on World Wide Web, pp. 677\u2013686 (2007)","DOI":"10.1145\/1242572.1242664"},{"key":"9_CR20","doi-asserted-by":"crossref","unstructured":"Li, N., Wang, Q., Qardaji, W., Bertino, E., Rao, P., Lobo, J., Lin, D.: Access control policy combining: theory meets practice. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 135\u2013144 (2009)","DOI":"10.1145\/1542207.1542229"},{"key":"9_CR21","unstructured":"Mankai, M., Logrippo, L.: Access control policies: modeling and validation. In: 5th NOTERE Conference (Nouvelles Technologies de la R\u00e9partition), pp. 85\u201391 (2005)"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Martin, E., Hwang, J., Xie, T., Hu, V.: Assessing quality of policy properties in verification of access control policies. In: 2008 Annual Computer Security Applications Conference (ACSAC), pp. 163\u2013172. IEEE (2008)","DOI":"10.1109\/ACSAC.2008.48"},{"key":"9_CR23","doi-asserted-by":"crossref","unstructured":"Mohan, A., Blough, D.M., Kurc, T., Post, A., Saltz, J.: Detection of conflicts and inconsistencies in taxonomy-based authorization policies. In: 2011 IEEE International Conference on Bioinformatics and Biomedicine, pp. 590\u2013594. IEEE (2011)","DOI":"10.1109\/BIBM.2011.79"},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74835-9","volume-title":"Computer Security","year":"2007","unstructured":"Biskup, J., L\u00f3pez, J. (eds.): ESORICS 2007. LNCS, vol. 4734. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74835-9"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237\u2013286. Elsevier (1998)","DOI":"10.1016\/S0065-2458(08)60206-5"},{"key":"9_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/978-3-319-17040-4_12","volume-title":"Foundations and Practice of Security","author":"D Servos","year":"2015","unstructured":"Servos, D., Osborn, S.L.: HGABAC: towards a formal model of hierarchical attribute-based access control. In: Cuppens, F., Garcia-Alfaro, J., Zincir Heywood, N., Fong, P.W.L. (eds.) FPS 2014. LNCS, vol. 8930, pp. 187\u2013204. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-17040-4_12"},{"issue":"1","key":"9_CR27","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/s10207-016-0317-1","volume":"16","author":"RA Shaikh","year":"2017","unstructured":"Shaikh, R.A., Adi, K., Logrippo, L.: A data classification method for inconsistency and incompleteness detection in access control policy sets. Int. J. Inf. Secur. 16(1), 91\u2013113 (2017)","journal-title":"Int. J. Inf. Secur."},{"key":"9_CR28","doi-asserted-by":"crossref","unstructured":"Shaikh, R.A., Adi, K., Logrippo, L., Mankovski, S.: Detecting incompleteness in access control policies using data classification schemes. In: 2010 Fifth International Conference on Digital Information Management (ICDIM), pp. 417\u2013422. IEEE (2010)","DOI":"10.1109\/ICDIM.2010.5664664"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Shaikh, R.A., Adi, K., Logrippo, L., Mankovski, S.: Inconsistency detection method for access control policies. In: 2010 Sixth International Conference on Information Assurance and Security, pp. 204\u2013209. IEEE (2010)","DOI":"10.1109\/ISIAS.2010.5604062"},{"key":"9_CR30","unstructured":"Spanoudakis, N.I., Kakas, A.C., Moraitis, P.: Gorgias-b: argumentation in practice. In: COMMA, pp. 477\u2013478 (2016)"},{"key":"9_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-662-46666-7_7","volume-title":"Principles of Security and Trust","author":"F Turkmen","year":"2015","unstructured":"Turkmen, F., den Hartog, J., Ranise, S., Zannone, N.: Analysis of XACML policies with SMT. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 115\u2013134. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46666-7_7"},{"key":"9_CR32","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1016\/j.cose.2017.01.009","volume":"66","author":"F Turkmen","year":"2017","unstructured":"Turkmen, F., den Hartog, J., Ranise, S., Zannone, N.: Formal analysis of XACML policies using SMT. Comput. Secur. 66, 185\u2013203 (2017)","journal-title":"Comput. Secur."},{"key":"9_CR33","doi-asserted-by":"crossref","unstructured":"Verma, D., et al.: Generative policy model for autonomic management. In: 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld\/SCALCOM\/UIC\/ATC\/CBDCom\/IOP\/SCI), pp. 1\u20136. IEEE (2017)","DOI":"10.1109\/UIC-ATC.2017.8397410"},{"issue":"5","key":"9_CR34","doi-asserted-by":"publisher","first-page":"533","DOI":"10.1109\/TDSC.2014.2369048","volume":"12","author":"Z Xu","year":"2014","unstructured":"Xu, Z., Stoller, S.D.: Mining attribute-based access control policies. IEEE Trans. Dependable Secure Comput. 12(5), 533\u2013545 (2014)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"9_CR35","doi-asserted-by":"crossref","unstructured":"Yuan, L., Chen, H., Mai, J., Chuah, C.N., Su, Z., Mohapatra, P.: Fireman: a toolkit for firewall modeling and analysis. In: 2006 IEEE Symposium on Security and Privacy (S&P 2006), p. 15. IEEE (2006)","DOI":"10.1109\/SP.2006.16"}],"container-title":["Lecture Notes in Computer Science","Risks and Security of Internet and Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-02067-4_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,21]],"date-time":"2024-09-21T20:20:26Z","timestamp":1726950026000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-02067-4_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031020667","9783031020674"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-02067-4_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"9 April 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRiSIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Risks and Security of Internet and Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ames, IA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 November 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 November 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crisis2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.crisis-2021.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychaire","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"9","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"39% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}